Aqua Security
announced an integration with the ServiceNow Container Vulnerability Response feature to enable joint customers to identify
vulnerabilities in running containers with the broadest coverage across
operating systems and programming languages, and with the highest accuracy.
Security and application teams can automate vulnerability triage, identify
high-risk findings and prioritize follow up using ServiceNow filtering rules
including application context.
The integration supports automated ingestion, filtering
and grouping through the ServiceNow Vulnerability Response application of Aqua's vulnerability scan findings, helping security
and application teams to identify, prioritize and triage vulnerability
risk at scale for their containerized applications using standardized,
consistent workflows. Research from Aqua Nautilus shows that container-based attacks are on the rise,
proving the urgency for accurate scanning findings and accelerated response
times.
The Vulnerability
Response application provides security and application teams with a
consolidated, transparent and efficient response and triage process for their
expanding cloud native footprint risks. The Aqua integration connects the
automation, grouping, assignment workflow and automation capabilities of the
ServiceNow platform with container vulnerability scan data and findings from
Aqua Security.
Along with helping
teams operate more efficiently based on highly accurate findings from Aqua's
best-in-class vulnerability, secrets and malware scanner across programming
languages, container base images and Dockerfiles for both containers running in
production and registry images, teams can also triage based on prioritization
rules and assign responsibility based on which applications the container image
vulnerability is associated with.
In responding to a
zero-day vulnerability, like the Log4J and Spring4Shell scenarios, the speed
and accuracy of Aqua's findings helps teams better automate and focus based on
relative vulnerability risk and application context, rather than contend with
guesswork for an overwhelming volume of findings before putting triage into
action.
"Aqua's customers
that adopt ServiceNow Vulnerability Response can continue to leverage Aqua for
accurate, comprehensive insights into container vulnerabilities," said Amir
Jerbi, CTO and cofounder at Aqua. "Aqua's integration with ServiceNow ensures
teams can combine the best in vulnerability scanning and vulnerability
response. Together we empower teams to manage business risks and keep their
businesses online and secure."
"Containerized
applications have become mainstream and customers are looking for a way to
identify and triage the growing volume of high-priority risks. Joining forces
with Aqua, we can enable users of ServiceNow Vulnerability Response to better
resolve the evolving threats facing their applications." said Deepak
Kolingivadi, Security Operations Product Owner, at ServiceNow. "Our partnership
with Aqua allows us to solve this critical security challenge by helping teams
address and remediate issues fast, and more efficiently with greater context."