Vulnerability management
Cloud Advisor identifies and prioritizes vulnerabilities in operating systems, packages and libraries on virtual machines and containers deployed in the cloud without the use of agents.
Agentless approach
Cloud Advisor uses an agentless approach to scan virtual machine block storage. This innovative method:
- Provides 100% coverage of all virtual machines and containers immediately after deployment
- Allows you to deploy Cloud Advisor in minutes and get full information about all vulnerabilities in the infrastructure within an hour
- Does not require work to install and update agents, reducing the total cost of ownership
- Has no effect on virtual machine performance
- Does not require a network connection between the virtual machine/container and the scanning module
Context
Cloud Advisor prioritizes vulnerabilities based on the context in which they are found. For example, a Log4Shell vulnerability found on a public machine with a security group that allows unrestricted connections will have a higher priority than the same vulnerability found on a machine without internet access. Similarly, a vulnerability found in a publicly exposed container with elevated privileges, will be prioritized higher than the same vulnerability found in a regular container.
Unlike traditional vulnerability scanning solutions, Cloud Advisor has detailed information about the cloud configuration thanks to the CSPM module and Managed Kubernetes configuration thanks to the KSPM module. This allows you to focus your attention on fixing the really important risks.
Prioritization
Various factors are used to prioritize vulnerabilities: presence of public exploits, type of vulnerability, CVSS score, etc. This allows you to focus on fixing vulnerabilities that have a real risk to the infrastructure.
Host Configuration
Cloud Advisor identifies insecure virtual machine operating system configurations and provides instructions for remediation. The "Linux CIS Benchmark" rule set developed by the Center of Internet Security is used to test the configuration.
Data sources
Cloud Advisor retrieves data from multiple sources and searches for vulnerabilities in Alpine, Debian, Ubuntu, RHEL, CentOS, OpenSUSE, and other distributions. Cloud Advisor supports the system package managers apt, yum and apk and the application-level package managers Bundler, Composer, Pipenv, Poetry, npm, yarn and Cargo.