ARMO, developer of Kubescape, an open source security platform for Kubernetes, has added 2 new vulnerability scanning functions to the platform.Code repository scanning and container image computer system registry scanning are the very first fruits of an effort to cover more elements of Kubernetes security, the business said, consisting of integrating with more third-party devops and Kubernetes tools like Lens, Prometheus, Plural, Civo, GitHub Actions, GitLab, and Visual Studio.Code repository scanning is the capability to scan YAML files and Helm charts at the early phases of the SDLC. Even prior to they have any Kubernetes clusters in location, users can see the outcomes on Kubescape’s cloud UI
. Users can view history, trends, and wanders, set exemptions, and see where a control has stopped working and how to repair it, a capability called “assisted remediation.”Container image registry scanning allows users to scan container images straight from their computer registries– including Elastic Container Computer system registry, Google Container Windows Registry, Quay, and others– prior to they are running or sent out to run
in the cluster.The 2 features enable vulnerabilities to be detected previously in the development procedure, or in third-party registries, avoiding vulnerabilities from reaching production environments. Additionally, Kubescape continually scans
for new vulnerabilities in the CI/CD pipeline that may arise after a container image was developed or a container cluster has actually been deployed.ARMO stated that Kubescape will soon support the OpenAPI structure through Swagger, and Kubescape users will be able to take advantage of services through openly readily available APIs. The company also announced it is open sourcing a crucial element of the Kubescape platform, its in-cluster Helm element, which will make more features, like image scanning, genuinely open source. Its next steps will be to open source the whole back-end code base and services
, which will enable users to construct their own cloud option, and UI, on top of Kubescape and make it a devops-native tool. Likewise coming quickly are collaboration functions that will be integrated with external ticket management systems and internal interaction channels, the company stated. If users find a brand-new security problem in their environment with Kubescape, they will be able to develop Jira tickets, post to Slack
channels, and appoint the ideal employee to deal with it, all from within the Kubescape platform. Copyright © 2022 IDG Communications, Inc. Source