Third-party integrations send alerts from Aqua Wave to your intended recipient without requiring custom code using 

Aqua Wave APIs.


Supported Third-Party Integrations

The following third-party integrations are available to accounts on the following tiers: Team, Advanced, Premier

Please let us know if you would like an integration that is not in this list.

Permissions

Account users can see the existing integrations their Aqua Wave account.

Account administrators can create, delete, and update third-party integrations.


Data

The data sent to a third-party integration depends upon the features sending information to it.

  • Scan Reports send a count of passing, warning, failing, unknown, and new risks.
  • Per-Plugin Alerts send failures and warnings related to each plug-in. For example, when plugin “Root Account In Use” is in a failing state.
  • Per-Event Alerts send failures and warnings related to the security of a changed configuration. For example, when AWS CloudTrail API call “deleteSecurityGroup” was detected.

Aqua Wave can send scan report summaries (a count of passing, warning, failing, unknown, and new risks), as well as per-plugin alerts for scans (e.g. Alert when plugin “Root Account In Use” is in a failing state), or per-event routings (e.g. Alert when AWS CloudTrail API call “deleteSecurityGroup” was detected) for real-time events. For Splunk integrations, Aqua Wave can also send a full copy of the scan results in JSON format.


Integration Source Code

The source code for each third-party integration is available in Aqua Security's open source repo.

It also includes instructions for writing a third-party integration.