Walks you through the deploying the SUSE Security Vulnerability Scanner stack in a Kubernetes cluster and running an automated image scan using a `Registry` custom resource
SUSE Security Vulnerability Scanner
SUSE's Cloud Native product family introduces additional value with greater security assurances, extended lifecycles, access to focused architectures and Kubernetes advisories. It will also offer options to get production support for innovative Cloud Native projects. With SUSE's Cloud Native, installation assets are hosted on a trusted registry owned and managed by SUSE.
SUSE Security Vulnerability Scanner is the SBOM-centric scanning component of the SUSE Security suite. It auto-discovers Kubernetes workloads, pulls each container image only once to generate its SBOM, and continuously analyzes them for vulnerabilities. Registry scanning can be configured to extend coverage beyond running workloads. With VEX support and full air-gap compatibility, it scales across large clusters and supports regulated and disconnected environments.
Quick Start
Tutorial: Scanning Registries
Explains how to configure and run scans on container registries using SUSE Security Vulnerability Scanner.
Tutorial: Scanning Workloads
Explains how Security Vulnerability Scanner can scan container registries based on explicit Registry configurations.
Tutorial: Querying SBOM and VulnerabilityReport Resources
Explains how to query SUSE Security Vulnerability Scanner resources using metadata fields.
Common problems
Documents common errors users may encounter while running SUSE Security Vulnerability Scanner, and how to address them.
Collecting logs for debugging
Documents how to collect logs from SUSE Security Vulnerability Scanner for debugging purposes.
No matching articles found