Aqua Safety has up to date its open-source mission Trivy to incorporate cloud safety posture administration (CSPM) capabilities.
Trivy is a code scanning device that appears by way of container photographs, file programs, and Git repositories for safety vulnerabilities.
Now, the device can be utilized with AWS, and Aqua Safety stated that help for different cloud suppliers is upcoming. AWS customers can use Trivy to scan their account for misconfigurations and insider threats. This allows customers to extra simply meet safety requirements and adjust to the CIS benchmarks.
RELATED CONTENT: ITOps Instances Open-Supply Venture of the Week: Trivy
Customers can outline their very own guidelines or use Trivy’s group catalog, which possible wouldn’t be an choice if utilizing the built-in cloud device. They will additionally preserve constant guidelines throughout IaC definitions and manufacturing environments.
One other advantage of this integration is customers will be capable to establish points in AWS even when the infrastructure is outlined from one other device, like Terraform or CloudFormation.
“That is the following step in our mission to simplifying cloud native safety for the group,” stated Itay Shakury, director of open supply of Aqua Safety. “Trivy is making cloud safety accessible and straightforward for everybody by way of the ability of Open Supply. We’ve been steadily releasing an increasing number of safety capabilities to the group by way of Trivy, and at the moment we’re excited to deliver the Trivy expertise to cloud and AWS customers.”