Aqua security product (agents)

For deeper security scanning of cloud native (containerized) workloads, try this tool.

Does it scan hosts as well?

Yes - it has Docker Image Scans  as well as Host scans

At what levels can you define policies?

Image Level Policies - Works for Docker Images, Works for AMIs as well.

DTA Scan  - Aqua will run images in their own sandbox container to provide more insight into runtime vulnerabilities

Runtime Policies - Runtime Container Policies - that can look for runtime vulnerabilities

DRIFT Prevention - on hosts and containers - checks for copying of executables etc. Very powerful for
VM Protection.

Firewall Management Remediation built in

This is another powerful feature in this product. Firewall rule policies - ALLOW DENY can be applied at HOST level or Container Level (Service Layer on top of containers).




Need an experienced AWS/GCP/Azure Professional to help out with your Public Cloud Strategy? Set up a time with Anuj Varma.