Aqua Security has announced that Aqua Trivy, the world’s most popular unified security scanner, now provides full compliance scanning for CIS Kubernetes Benchmarks. With one comprehensive tool for security and compliance scanning, companies can eliminate friction and more confidently build and maintain secure cloud-native applications.

Aqua had previously built kube-bench, an open source tool for CIS compliance scanning, and now, these capabilities are integrated into Trivy for more comprehensive scanning and rich reporting.

Aqua Trivy brings the unique ability to perform the complete CIS Kubernetes benchmarks scan, including scans on the Kubernetes nodes themselves. Scans are performed automatically and result in detailed reports with recommendations for improving the architecture and workloads scanned, based on CIS Kubernetes Benchmarks. It also supports NSA and Pod Security Standards (PSS) compliance scans, so teams can be sure their cloud-native environments are fully protected and compliant.

According to the company, Trivy is the most comprehensive, easy-to-use open source vulnerability and risk scanner for cloud-native environments, covering more languages, OS packages and application dependencies than any other open source scanner. It provides fast, stateless scanning with no prerequisites for installation, and it delivers highly accurate results with broad coverage. With Trivy, developers, DevOps and DevSecOps have a more efficient, simplified tool for scanning source code, repositories, images, artifact registries, IaC templates and Kubernetes environments — all to secure cloud-native applications.