ARMO, developer of Kubescape, an open supply safety platform for Kubernetes, has added two new vulnerability scanning purposes to the platform.
Code repository scanning and container symbol registry scanning are the primary culmination of an effort to hide extra facets of Kubernetes safety, the corporate mentioned, together with integrating with extra third-party devops and Kubernetes gear like Lens, Prometheus, Plural, Civo, GitHub Movements, GitLab, and Visible Studio.
Code repository scanning is the facility to scan YAML recordsdata and Helm charts on the early phases of the SDLC. Even sooner than they’ve any Kubernetes clusters in position, customers can see the consequences on Kubescape’s cloud UI. Customers can view historical past, traits, and drifts, set exclusions, and notice the place a keep an eye on has failed and the right way to repair it, an ability referred to as “assisted remediation.”
Container symbol registry scanning permits customers to scan container pictures without delay from their registries—together with Elastic Container Registry, Google Container Registry, Quay, and others—sooner than they’re working or despatched to run within the cluster.
The 2 options permit for vulnerabilities to be detected previous within the construction procedure, or in third-party registries, combating vulnerabilities from attaining manufacturing environments. Moreover, Kubescape regularly scans for brand spanking new vulnerabilities within the CI/CD pipeline that may get up after a container symbol was once created or a container cluster has been deployed.
ARMO mentioned that Kubescape will quickly strengthen the OpenAPI framework via Swagger, and Kubescape customers will have the ability to leverage products and services via overtly to be had APIs.
The corporate additionally introduced it’s open sourcing a vital part of the Kubescape platform, its in-cluster Helm part, which is able to make extra options, like symbol scanning, actually open supply. Its subsequent steps will probably be to open supply the entire back-end code base and products and services, which is able to permit customers to construct their very own cloud answer, and UI, on most sensible of Kubescape and make it a devops-native software.
Additionally coming quickly are collaboration options that will probably be built-in with exterior price tag control techniques and inner communique channels, the corporate mentioned. If customers discover a new safety factor of their atmosphere with Kubescape, they are going to have the ability to create Jira tickets, publish to Slack channels, and assign the suitable crew member to paintings on it, all from inside the Kubescape platform.
Copyright © 2022 IDG Communications, Inc.