Vulnerability Management

Discussions, questions, and answers related to vulnerability management

  • 8 Topics
  • 10 Replies

8 Topics

S
Lacer
steven.sorannoLacer
asked in Vulnerability Management

How to set up the Lacework Proxy Scanner to integrate with a Sonatype Nexus Registry with multiple repositories?

Instructions for how to create a proxy scanner integration can be found in the following documentation.  However, it is important to note that the example config.yml provided in the "Configure the Proxy Scanner" section is intended for a connection to a single Nexus repository with one domain/port.  If there is a need to have the proxy scanner to scan multiple repositories, the config.yml file for the proxy scanner needs to have multiple registry domains, one for each repository since in Nexus, repositories are configured and run on separate ports.  An example of a proxy scanner config.yaml file for multiple repositories can be found below.  scan_public_registries: falsestatic_cache_location: /opt/lacework/cachedefault_registry:lacework: account_name: lacework-account integration_access_token: ****registries: - domain: NEXUS-FQDN:<port> name: NEXUS1 ssl: true is_public: false credentials: user_name: "userinregistry" password: "*****" notification_type:

0
S
Lacer
1 month ago
R
robert5156Participant
asked in Vulnerability Management

How to identify Internet accessible nodes and container pods ( inbound from internet)?

Hi,Looking for some advice.Basically with-in lacework kubernetes , looking to see which pods & nodes are accessible from internet ( inbound from internet). What i found so far is we can use Resources → Kubernetes → Pod Network → External connections . You can select all columns and download a CSV. There is a similar view for actual nodes as well. Node→ Kubernetes → Node Network → Node External Connections I am not 100% sure if this is accurate. Also this does not tell what ports are open for inbound connections ( some of the ports listed are >65k which seems to be odd as well)Wondering if anyone had figured out the correct way to “Identify Internet accessible nodes and container pods ( inbound from internet)?”. Thanks in advanceAgentLinux 6.6XPlatformUsing Lacework/OperationalizingCloudGCP

1
A
7 months ago
LacerX
Lacer
LacerXLacer
asked in Vulnerability Management

How often are update CVEs?

AgentN/APlatformCurrentCloudN/A

4
J
Lacer
7 months ago
LacerX
Lacer
LacerXLacer
asked in Vulnerability Management

How does Lacework know if a container/image is active?

AgentN/APlatformCurrentCloudN/A AgentN/APlatformCurrentCloudN/A

1
LacerX
Lacer
8 months ago
LacerX
Lacer
LacerXLacer
asked in Vulnerability Management

Where does the data come from that Lacework uses to scan for vulnerabilities?

AgentN/APlatformCurrentCloudN/A

1
LacerX
Lacer
8 months ago
LacerX
Lacer
LacerXLacer
asked in Vulnerability Management

Can Lacework import vulnerabilities from custom sources?

Can Lacework import vulnerabilities from custom sources? AgentN/APlatformCurrentCloudN/A

1
LacerX
Lacer
8 months ago
sluglord9000
Lacer
sluglord9000Lacer
asked in Vulnerability Management

Should I use the inline scanner or container registry integration for Vulnerability Management?

AgentN/APlatformCurrentCloudN/A AgentN/APlatformCurrentCloudN/A

1
Z
Lacer
8 months ago
timarenz
Lacer
timarenzLacer
asked in Vulnerability Management

Can the proxy scanner deployed on Kubernetes?

AgentN/APlatformN/ACloudN/A

1
timarenz
Lacer
8 months ago

Badge winners

Show all badges
Terms of UseCookie settings