About

Aqua CWPP protects applications from development to production, across VMs, containers, and serverless workloads, up and down the stack.

User Permissions and Prerequisites

The Aqua user must have a Scanner role.

Go to Aqua portal > Access Management > Add a user with a Scanner Role.

Configure the Aqua CWPP Connector

Log in to your Vulcan Cyber dashboard and go to Connectors.
Click on Add a Connector.
Click on the Aqua CWPP icon.
Enter the following information into the connector setup page:
- Server URL
- Username and password (minimum user role requirements: Scanner role)
Click the Test Connectivity button to verify that Vulcan Cyber can connect to your Aqua instance, then click Create (or Save Changes).
Allow some time for the sync to complete. You can review the sync status under Log.
To confirm the sync is complete, navigate to the Connectors tab to check the sync status. Once the Aqua CWPP icon shows Connected, the connection is complete.

Fields Mapping - Hosts

Aqua CWPP field	Vulcan field
Logical name	Asset name
subnets, vpc id, hostname, vendor name, security groups, private ips, public ips, public dns, location, account id	Asset details
Hosts	Asset type
Addresses	IP
Host OS	OS
Vendor name, account ID, location	Asset tags
name	Vulnerability title
CVSS score	Vulnerability score
Description	Vulnerability description
`"report_item_cve"` `"cvss_score"` `"affected_packages"` `"added_data"` `"resource_name"` `"resource_version"` `"vendor_severity"` `"vendor_cvss2_score"` `"vendor_cvss2_vectors"` `"vendor_statement":` `"vendor_url"` `"nvd_severity"` `"nvd_cvss2_score"` `"nvd_cvss2_vectors"` `"nvd_cvss3_severity"` `"nvd_cvss3_score"` `"nvd_cvss3_vectors"` `"nvd_url"` `"aqua_score"` `"aqua_severity"` `"aqua_vectors"` `"aqua_scoring_system"` `"severity_classification"` `"aqua_severity_classification"` `"aqua_score_classification"` `"exploitability"` `"temporal_vector"` `"exploit_type"` `"custom_severity"` `"custom_notes"` `"resource_type"` `"resource_format"`	Vulnerability details
"Fix for" vulnerability name	Fix title
Solution	Fix description
NVD URL	Fix references

Fields Mapping - Images

Aqua CWPP field	Vulcan field
Registry name	Asset name
Image ID	Asset details
Images	Asset type
Repository	Repository
OS	OS
Registry, registry type, Aqua tags	Asset tag
Name	Vulnerability title
CVSS score	Vulnerability score
Description	Vulnerability description
"resource_name" "resource_version" "vendor_severity" "vendor_cvss2_score" "vendor_cvss2_vectors""vendor_statement" "vendor_url" "nvd_severity" "nvd_cvss2_score" "nvd_cvss2_vectors" "nvd_cvss3_severity"nvd_cvss3_score" "nvd_cvss3_vectors""nvd_url""aqua_score": "aqua_severity": ""aqua_vectors""aqua_scoring_system""severity_classification""aqua_severity_classification" "aqua_score_classification""exploitability", "temporal_vector": "exploit_type": "custom_severity" "custom_notes" "resource_type": "resource_format":	Vulnerability details
"Fix for: vulnerability name	Fix title
Solution	Fix description
NVD URL	Fix reference

Fields Mapping - Cloud Resources

Aqua CWPP field	Vulcan field
Name	Asset name
Function ID	Resource ID
Cloud type	Cloud (provider)
Cloud Resources - Serverless	Asset type
Project, runtime language, Aqua tags	Asset tags
Name	Vulnerability title
CVSS score	Vulnerability score
Description	Vulnerability description
`"resource_name"` `"resource_version"` `"vendor_severity"` `"vendor_cvss2_score"` `"vendor_cvss2_vectors"` `"vendor_statement"` `"vendor_url"` `"nvd_severity"` `"nvd_cvss2_score"` `"nvd_cvss2_vectors"` `"nvd_cvss3_severity"` `"nvd_cvss3_score"` `"nvd_cvss3_vectors"` `"nvd_url"` `"aqua_score"` `"aqua_severity"` `"aqua_vectors"` `"aqua_scoring_system"` `"severity_classification"` `"aqua_severity_classification"` `"aqua_score_classification"` `"exploitability"` `"temporal_vector"` `"exploit_type"` `"custom_severity"` `"custom_notes"` `"resource_type"` `"resource_format"`	Vulnerability details
Open / Closed	Vulnerability status
Fix for name	Fix title
Solution	Fix description
NVD URL	Fix reference

Vulnerability Status Mapping

Aqua CWPP Status	Vulcan Status
Vulnerability exists	Vulnerable
Vulnerability no longer appears	Fixed

Vulnerability Score mapping

The nvd_cvss3_score is the score reference

Aqua CWPP Score	Vulcan Score
0-10	0-10

Locate Aqua CWPP vulnerabilities in the Vulcan Platform

As Aqua CWPP discovers vulnerabilities, the Vulcan Platform connector imports those vulnerabilities for reporting and action. You can view vulnerabilities via Connector by using the relevant filter:

Open the Vulcan Platform dashboard and navigate to the Vulnerabilities. Click on the Search or filter vulnerabilities search box, scroll to the Vulnerability Source option, and click to filter by the vulnerability source.
Locate Aqua CWPP on the vulnerability source/Connector list and click to filter results.
Click on any vulnerability to view further information.

Note: If you observe a miss alignment in the vulnerabilities count between Vulcan and Aqua, the reason is the way Aqua displays vulnerabilities.
While Aqua counts and displays a listing for each vulnerability existing in different locations under the same library, the Vulcan platform displays it as a single connection between the asset and the vulnerability.

Locate Aqua CWPP assets in the Vulcan Platform

To locate all synced hosts, images, and cloud resource assets from Aqua CWPP.

Open the Vulcan Cyber dashboard and navigate to Assets > Hosts / Cloud Resources / Images tabs.
Click on the Search or filter websites input box and select Connector from the drop-down selection.
Locate the Aqua CWPP option to view all synced assets.

Automate actions in the Vulcan Platform

Take advantage of the automation capabilities of Vulcan Cyber and the Aqua CWPP connector.

Click here to learn how to create automation in the Vulcan Cyber Platform.

Orca Connector

Outpost24 Connector

BitSight Connector

Rapid7 Insight AppSec Connector

Wiz Connector