ARMO, developer of Kubescape, an open source security platform for Kubernetes, has added two new vulnerability scanning functions to the platform.
Code repository scanning and container image registry scanning are the first fruits of an effort to cover more aspects of Kubernetes security, the company said, including integrating with more third-party devops and Kubernetes tools like Lens, Prometheus, Plural, Civo, GitHub Actions, GitLab, and Visual Studio.
Code repository scanning is the ability to scan YAML files and Helm charts at the early stages of the SDLC. Even before they have any Kubernetes clusters in place, users can see the results on Kubescape’s cloud UI. Users can view history, trends, and drifts, set exclusions, and see where a control has failed and how to fix it, a capability known as “assisted remediation.”
Read the original article: