NeuVector: Automating and Shifting Security Left in Kubernetes
Vulnerability Management
Same as the compliance view, a global vulnerability management dashboard is available in the UI. Click on Security Risks > Vulnerabilities to access this dashboard. Here, you can view a list of vulnerabilities with their name, score, published date, impacts, and actions.
The name of the vulnerability
reported by CVE, GHSA, or other sources.
The score of the vulnerability is calculated based on the severity of the vulnerability. NeuVector uses the NVD (National Vulnerability Database) CVSS (Common Vulnerability Scoring System) v3 scoring system to calculate the score. You can switch the version of the CVSS scoring system to v2 if you prefer.
The score ranges from 0 to 10, with 10 being the most severe. The score is calculated using equations that take into account the base, temporal, and environmental scores of the vulnerability - the following are some of the metrics used to calculate the score:
Attack Vector: The vector that the attacker must use to exploit the vulnerability (e.g., local, adjacent network, network).Attack Complexity: The conditions required to exploit the vulnerability (e.g., high, low).Privileges Required: The level of privileges required to exploit the vulnerability (e.g., none, low, high).User Interaction: The level of user interaction required to exploit the vulnerability (e.g., none, required).Scope: The extent of the impact of the vulnerability on the affected system (e.g., changed, unchanged).
End-to-End Kubernetes with Rancher, RKE2, K3s, Fleet, Longhorn, and NeuVector
The full journey from nothing to productionEnroll now to unlock all content and receive all future updates for free.