End-to-End Vulnerability Protection

Vulnerability Scanning with Integrated Admission Controls

Blazing Fast, Simple Container Image Scanning

The Fastest, Most Integrated Vulnerability Scanner for the Entire Pipeline

NeuVector automates security for the entire CI/CD pipeline, from Build to Ship to Run. Use the Jenkins plug-in to scan during build, monitor images in registries and run automated tests for security compliance. Prevent deployment of vulnerable images with admission control, but also monitor production containers. All running containers and host OS’s are automatically scanned for vulnerabilities with scanning tasks distributed across hosts for blazing fast, highly scalable image vulnerability analysis. Scan thousands or hundreds of thousands of images with the fastest scanner available.

  • Enforce security with scanning and admission control during build, test and deployment
  • Scans containers, hosts, and orchestration platforms during run-time
  • Audits host and container security with Docker Bench and Kubernetes CIS Benchmark for security tests

Prevent Vulnerable and Unauthorized Images from Being Deployed

With Admission Controls, NeuVector can tie vulnerability scanning to the container deployment process. NeuVector integrates with Kubernetes and OpenShift controls to apply security policy before images are allowed to be deployed.

  • Set whitelist and blacklist rules for images allowed to be deployed
  • Use criteria such as CVE names/levels, run-as-root, namespace, user, labels to set rules
  • Integrated with Kubernetes and Red Hat OpenShift admission control webhooks

Take the Next Steps