Aqua Security, the pioneer in cloud native security, today announced an integration with the ServiceNow® Container Vulnerability Response feature to enable joint customers to identify vulnerabilities in running containers with the broadest coverage across operating systems and programming languages, and with the highest accuracy. Security and application teams can automate vulnerability triage, identify high-risk findings and prioritise follow up using ServiceNow filtering rules including application context.
The integration supports automated ingestion, filtering and grouping through the ServiceNow Vulnerability Response application of Aqua’s vulnerability scan findings, helping security and application teams to identify, prioritise and triage vulnerability risk at scale for their containerised applications using standardised, consistent workflows. Research from Aqua Nautilus shows that container-based attacks are on the rise, proving the urgency for accurate scanning findings and accelerated response times.
The Vulnerability Response application provides security and application teams with a consolidated, transparent and efficient response and triage process for their expanding cloud native footprint risks. The Aqua integration connects the automation, grouping, assignment workflow and automation capabilities of the ServiceNow platform with container vulnerability scan data and findings from Aqua Security.
Along with helping teams operate more efficiently based on highly accurate findings from Aqua’s best-in-class vulnerability, secrets and malware scanner across programming languages, container base images and Dockerfiles for both containers running in production and registry images, teams can also triage based on prioritisation rules and assign responsibility based on which applications the container image vulnerability is associated with. In responding to a zero-day vulnerability, like the Log4J and Spring4Shell scenarios, the speed and accuracy of Aqua’s findings helps teams better automate and focus based on relative vulnerability risk and application context, rather than contend with guesswork for an overwhelming volume of findings before putting triage into action.
“Aqua’s customers that adopt ServiceNow Vulnerability Response can continue to leverage Aqua for accurate, comprehensive insights into container vulnerabilities,” said Amir Jerbi, CTO and cofounder at Aqua. “Aqua’s integration with ServiceNow ensures teams can combine the best in vulnerability scanning and vulnerability response. Together we empower teams to manage business risks and keep their businesses online and secure.”
“Containerised applications have become mainstream and customers are looking for a way to identify and triage the growing volume of high-priority risks. Joining forces with Aqua, we can enable users of ServiceNow Vulnerability Response to better resolve the evolving threats facing their applications.” said Deepak Kolingivadi, Security Operations Product Owner, at ServiceNow. “Our partnership with Aqua allows us to solve this critical security challenge by helping teams address and remediate issues fast, and more efficiently with greater context.”
Learn more about the integration in the ServiceNow store.