End-to-End Vulnerability Protection
Vulnerability Scanning with Integrated Admission Controls
Blazing Fast, Simple Container Image Scanning
The Fastest, Most Integrated Vulnerability Scanner for the Entire Pipeline
NeuVector automates security for the entire CI/CD pipeline, from Build to Ship to Run. Use the Jenkins plug-in to scan during build, monitor images in registries and run automated tests for security compliance. Prevent deployment of vulnerable images with admission control, but also monitor production containers. All running containers and host OS’s are automatically scanned for vulnerabilities with scanning tasks distributed across hosts for blazing fast, highly scalable image vulnerability analysis. Scan thousands or hundreds of thousands of images with the fastest scanner available.
- Enforce security with scanning and admission control during build, test and deployment
- Scans containers, hosts, and orchestration platforms during run-time
- Audits host and container security with Docker Bench and Kubernetes CIS Benchmark for security tests
Prevent Vulnerable and Unauthorized Images from Being Deployed
With Admission Controls, NeuVector can tie vulnerability scanning to the container deployment process. NeuVector integrates with Kubernetes and OpenShift controls to apply security policy before images are allowed to be deployed.
- Set whitelist and blacklist rules for images allowed to be deployed
- Use criteria such as CVE names/levels, run-as-root, namespace, user, labels to set rules
- Integrated with Kubernetes and Red Hat OpenShift admission control webhooks