ARMO, developer of Kubescape, an open supply safety platform for Kubernetes, has added two new vulnerability scanning capabilities to the platform.
Code repository scanning and container picture registry scanning are the primary fruits of an effort to cowl extra facets of Kubernetes safety, the corporate stated, together with integrating with extra third-party devops and Kubernetes instruments like Lens, Prometheus, Plural, Civo, GitHub Actions, GitLab, and Visible Studio.
Code repository scanning is the flexibility to scan YAML information and Helm charts on the early phases of the SDLC. Even earlier than they’ve any Kubernetes clusters in place, customers can see the outcomes on Kubescape’s cloud UI. Customers can view historical past, traits, and drifts, set exclusions, and see the place a management has failed and learn how to repair it, a functionality often called “assisted remediation.”
Container picture registry scanning permits customers to scan container photographs straight from their registries—together with Elastic Container Registry, Google Container Registry, Quay, and others—earlier than they’re operating or despatched to run within the cluster.
The 2 options enable for vulnerabilities to be detected earlier within the growth course of, or in third-party registries, stopping vulnerabilities from reaching manufacturing environments. Moreover, Kubescape repeatedly scans for brand new vulnerabilities within the CI/CD pipeline which may come up after a container picture was created or a container cluster has been deployed.
ARMO stated that Kubescape will quickly assist the OpenAPI framework by means of Swagger, and Kubescape customers will be capable to leverage providers by means of brazenly accessible APIs.
The corporate additionally introduced it’s open sourcing a vital element of the Kubescape platform, its in-cluster Helm element, which is able to make extra options, like picture scanning, actually open supply. Its subsequent steps will probably be to open supply the entire back-end code base and providers, which is able to enable customers to construct their very own cloud resolution, and UI, on prime of Kubescape and make it a devops-native instrument.
Additionally coming quickly are collaboration options that will probably be built-in with exterior ticket administration techniques and inner communication channels, the corporate stated. If customers discover a new safety difficulty of their surroundings with Kubescape, they may be capable to create Jira tickets, submit to Slack channels, and assign the best staff member to work on it, all from throughout the Kubescape platform.
Copyright © 2022 IDG Communications, Inc.