Secrets scanning and patch management

Cloud Advisor enhances the agentless scanner for virtual machines and containers. It now includes the following modules:

• NEW Secrets scanning
  NEW Patch management
  Vulnerabilities
  Antimalware
  Host configuration.

Identifying secrets and access keys stored in plain text prevents the lateral movement of an attacker within the cloud infrastructure. The Secrets scanning module allows to find cloud access keys, keys for S3, GitLab, GitHub and other services.

The Patch management module allows to identify operating systems and software that have reached EOL (End-of-life) or EOS (End-of-support) status and are no longer supported. The functionality also provides information about current versions and available updates for operating systems and software running on virtual machines and containers.

The Secrets scanning and Patch management modules' alerts complement a comprehensive algorithm for identifying attack paths against cloud infrastructure, allowing to highlight such risks as «End-of-life OS on a publicly exposed VM» or «Critical vulnerability found on a publicly exposed VM containing secrets in plain text».

The Secrets scanning and Patch management modules utilize agentless scanning technology based on virtual machine snapshot analysis that provides 100% coverage of the entire infrastructure, deployment in minutes, reduced administration costs and no impact on performance.