Kaspersky Container Security (hereinafter referred to as the solution) allows you to discover security problems and provides protection throughout the lifecycle of container applications, from development and deployment control to runtime.
Solution functionality:
Integration with image registries (for example, Docker Hub, JFrog Artifactory, Sonatype Nexus Repository OSS, GitLab Registry, Harbor) to scan images in the registry for known vulnerabilities published by the NVD and the Data Security Threats Database (FSTEC), secrets (passwords, access keys, tokens), misconfigurations, and malware.
Integration into the CI/CD process as a pipeline stage, as well as scanning IaC for misconfigurations and container images for vulnerabilities, malware, and sensitive data (secrets).
Infrastructure as a Code is an approach to managing and describing infrastructure through configuration files instead of manually editing server configurations.
Continuous Integration/Continuous Delivery is the combination of continuous software integration and continuous delivery in the development process.
Checking of cluster nodes for compliance with information security benchmarks.
Monitoring compliance with the configured security policies while building and running the applications, including container startup control in the runtime.
Monitoring of resources used by the controlled clusters.
You can configure and access the functionalities of Kaspersky Container Security through the Management Console. The console is implemented as a web interface which can be accessed through the Chromium (Google Chrome, Microsoft Edge), Apple Safari or Mozilla Firefox browsers.