The Security Scanner service in 01Cloud identifies vulnerabilities, misconfigurations, and potential threats across components such as Kubernetes clusters and code repositories.
Why Use the Security Scanner in 01Cloud:
There are several reasons to use the Security Scanner service in 01Cloud:
- Risk Mitigation: Identify and remediate security vulnerabilities before they are exploited.
- Compliance: Ensure compliance with regulatory requirements and industry standards.
- Data Protection: Safeguard sensitive data and maintain the trust of customers and stakeholders.
- Proactive Security: Adopt a proactive approach to security by continuously monitoring and improving security posture.
How Security Scan Works:
The Security Scanner scans target environments such as Kubernetes clusters and code repositories using specialized tools (plugins), one for each type of scan. These tools analyze various aspects of the environment to identify security vulnerabilities, misconfigurations, and other potential risks.
1. Kubernetes (k8s) Scan:
- Trivy_k8s: Trivy is a lightweight, open-source vulnerability scanner for containers and Kubernetes. Trivy_k8s is specifically tailored to scan Kubernetes environments, including container images, Kubernetes manifests, and configurations.
2. Repository (Repo) Scan:
- Trivy_k8s: This plugin, listed again for repository scanning, is likely repurposed to scan code repositories for vulnerable dependencies and other code-related security issues.
- Sonar_Scanner: SonarScanner is a tool for continuous inspection of code quality and security. For repository scanning, Sonar_Scanner likely performs static code analysis to identify security vulnerabilities, code smells, and other issues.
Steps to Run Security Scanner in 01Cloud:
- Log in to your 01Cloud account and create an App, then create an Environment; the following interface will appear.
- Click Run Scan on the Security tab under the environment.
- Select the type of scan from the options shown: K8s Scan or Repo Scan.
- For a K8s Scan, select the trivy_k8s plugin and click Yes.
- After the scan runs, you will get the scan Report and Output; the output can also be downloaded with the Download button.
- For a Repo Scan, select the trivy_repo or sonar_scanner plugin and click Yes.
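Once the scan output has been downloaded, the next practical question is how to act on it. The following is an added example, not code from 01Cloud or from the Trivy project, that triages a scan report: it flattens vulnerabilities and failed misconfiguration checks into one list, counts them by severity, and decides whether the result should block a deployment. It assumes the downloaded output is Trivy's native JSON report format (a top-level `Results` list whose entries carry `Vulnerabilities` and/or `Misconfigurations`); whether 01Cloud exposes exactly that format is an assumption. The sample report embedded below is constructed for illustration, and its IDs are placeholders rather than real advisories.

```python
"""Triage a Trivy JSON report: count findings by severity and decide whether
the scan should block a deployment.

Added example, not part of 01Cloud or Trivy. It assumes the downloaded scan
output is Trivy's native JSON report format; the sample report below is
constructed for illustration and its IDs are placeholders, not real advisories.
"""
import json
from collections import Counter

# Severity labels in Trivy's order; the index is used as a rank for comparisons.
SEVERITIES = ["UNKNOWN", "LOW", "MEDIUM", "HIGH", "CRITICAL"]

# Constructed sample in Trivy's JSON shape (placeholder IDs, not real CVEs).
SAMPLE_REPORT = json.dumps({
    "Results": [
        {
            "Target": "example/app:1.0 (alpine)",
            "Class": "os-pkgs",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-EXAMPLE-0001", "PkgName": "libexample",
                 "InstalledVersion": "1.0.0", "FixedVersion": "1.0.1",
                 "Severity": "CRITICAL"},
                {"VulnerabilityID": "CVE-EXAMPLE-0002", "PkgName": "libother",
                 "InstalledVersion": "2.3.0", "FixedVersion": "",
                 "Severity": "MEDIUM"},
            ],
        },
        {
            "Target": "deploy/app.yaml",
            "Class": "config",
            "Type": "kubernetes",
            "Misconfigurations": [
                {"ID": "EXAMPLE-K8S-001", "Title": "Container runs as root",
                 "Severity": "HIGH", "Status": "FAIL"},
                {"ID": "EXAMPLE-K8S-002", "Title": "No resource limits",
                 "Severity": "LOW", "Status": "FAIL"},
                {"ID": "EXAMPLE-K8S-003", "Title": "Read-only root filesystem",
                 "Severity": "MEDIUM", "Status": "PASS"},
            ],
        },
    ]
})


def findings(report_json):
    """Flatten a Trivy report into (target, id, severity, fixable) tuples.

    A vulnerability is fixable when Trivy lists a FixedVersion; a failed
    misconfiguration is always treated as fixable (the manifest can be changed).
    """
    report = json.loads(report_json)
    out = []
    for result in report.get("Results", []):
        target = result.get("Target", "")
        for vuln in result.get("Vulnerabilities") or []:
            out.append((target, vuln["VulnerabilityID"],
                        vuln.get("Severity", "UNKNOWN"),
                        bool(vuln.get("FixedVersion"))))
        for misconf in result.get("Misconfigurations") or []:
            if misconf.get("Status", "FAIL") != "FAIL":
                continue  # PASS entries are not findings
            out.append((target, misconf["ID"],
                        misconf.get("Severity", "UNKNOWN"), True))
    return out


def severity_counts(report_json):
    """Count findings per severity label, e.g. {'CRITICAL': 1, 'HIGH': 1, ...}."""
    return Counter(sev for _, _, sev, _ in findings(report_json))


def should_block(report_json, threshold="HIGH"):
    """Return True when any finding is at or above the threshold severity.

    Labels outside SEVERITIES rank lowest, so a malformed entry never trips
    the gate on its own; it still shows up in severity_counts for review.
    """
    limit = SEVERITIES.index(threshold)
    for _, _, sev, _ in findings(report_json):
        rank = SEVERITIES.index(sev) if sev in SEVERITIES else 0
        if rank >= limit:
            return True
    return False


if __name__ == "__main__":
    for target, fid, sev, fixable in findings(SAMPLE_REPORT):
        print(f"{sev:8} {fid:20} {target}  fix available: {fixable}")
    print("counts:", dict(severity_counts(SAMPLE_REPORT)))
    print("block deployment:", should_block(SAMPLE_REPORT))
```

Run it against a downloaded report by replacing `SAMPLE_REPORT` with the file's contents; the `threshold` argument of `should_block` is where a team encodes its policy (for example, block on CRITICAL only for a first rollout, then tighten to HIGH). Passing checks are skipped deliberately so that a manifest with many satisfied policies does not inflate the finding count.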