The WhiteSource Kubernetes scanner is a designated pod inside your Kubernetes cluster. When installed, it scans the entire cluster as a baseline for future changes and shows the full picture of libraries, images, alert, vulnerabilities, and licenses in your WhiteSource portal. This pod then tracks changes in the cluster (for example, a new deployment or image modification), scans the container images and reports cluster security-related information, such as vulnerabilities per pod.
Q: How is WhiteSource for Containers different than other products in the market?
- Different from Other Market Solutions
Coverage: With support for more than 200 coding language and over 12 databases on vulnerabilities, WhiteSource for Containers is the best solution in terms of coverage.
Holistic View: Getting a precise and updated view of your lifecycle, at any time during the deployment. From development to building to image, and real-time production monitoring.
Enforcement: Decide when and how to enforce your rules and policies. Get immediate alerts as well as fail builds or prevent production traffic from getting to vulnerable pods.
Management: Receive automated alerts, define your workflow and get designated dashboards to make sure you have the full picture at anytime.
Q: Will it integrate to my existing lifecycle?
Integration into Your Existing Lifecycle
WhiteSource for Containers integrates with more than 15 different tools: CI/CD, build tools, image registries, and container management platforms.Q: Can I share the information with my team members?
Sharing the Information with Team Members
A: Of course. One of the most important aspects is the communication and seamless workflow between team members. The information will be shared with team members according to the configuration and permissions.Q: Is it secure?
A Secure Solution
A: Being a security company, we make sure to address the security aspects across our entire ecosystem. WKM (WhiteSource Kubernetes Manager) is installed inside the customer’s cluster, thus making sure not to perform API calls from outside the cluster. In addition, it’s important to mention that no source code is scanned. Only descriptive information is sent to WhiteSource.