Aqua's serverless security solution provides end-to-end protection for serverless containers and functions. It offers vulnerability scanning, secrets detection, permission management, and runtime protection to ensure the security of serverless environments throughout the development lifecycle.

Key Features

Vulnerability and Malware Scanning Aqua scans functions using up-to-date vulnerability and malware data sources.

• Comprehensive coverage of CVEs and vendor advisories
• Minimizes false positives
• Detects cloud provider-specific keys and secrets

Shift-Left Security Integration Enables early integration of security measures in the development process.

• Native plugins for CI tools like Jenkins, Bamboo, and Azure DevOps
• CLI tool for automated scanning
• Developers can view scan results and mitigation suggestions in familiar environments

Permission Management Addresses the risk of over-provisioned permissions in serverless functions.

• Flags over-provisioned permissions
• Monitors unused permissions and roles over time
• Helps reduce permissions to necessary levels

Benefits

Enhanced Security Posture Improves overall security of serverless environments.

• Comprehensive vulnerability and malware detection
• Prevention of accidental exposure of secrets
• Reduced attack surface through proper permission management

Streamlined Development Process Integrates security seamlessly into the development workflow.

• Early detection and mitigation of security issues
• Automated scanning in CI/CD pipelines
• Faster fix cycles for security vulnerabilities