Skip to main content

Vulnerability Management

Discussions, questions, and answers related to vulnerability management

  • 8 Topics
  • 10 Replies
8 Topics
S
Lacer
steven.sorannoLacer
asked in Vulnerability Management
How to set up the Lacework Proxy Scanner to integrate with a Sonatype Nexus Registry with multiple repositories?

Instructions for how to create a proxy scanner integration can be found in the following documentation.  However, it is important to note that the example config.yml provided in the "Configure the Proxy Scanner" section is intended for a connection to a single Nexus repository with one domain/port.  If there is a need to have the proxy scanner to scan multiple repositories, the config.yml file for the proxy scanner needs to have multiple registry domains, one for each repository since in Nexus, repositories are configured and run on separate ports.  An example of a proxy scanner config.yaml file for multiple repositories can be found below.  scan_public_registries: falsestatic_cache_location: /opt/lacework/cachedefault_registry:lacework: account_name: lacework-account integration_access_token: ****registries: - domain: NEXUS-FQDN:<port> name: NEXUS1 ssl: true is_public: false credentials: user_name: "userinregistry" password: "*****" notification_type:

2800
S
Lacer
7 months ago
R
robert5156Participant
asked in Vulnerability Management
How to identify Internet accessible nodes and container pods ( inbound from internet)?

Hi,Looking for some advice.Basically with-in lacework kubernetes , looking to see which pods & nodes are accessible from internet ( inbound from internet). What i found so far is we can use Resources → Kubernetes → Pod Network → External connections . You can select all columns and download a CSV. There is a similar view for actual nodes as well. Node→ Kubernetes → Node Network → Node External Connections I am not 100% sure if this is accurate. Also this does not tell what ports are open for inbound connections ( some of the ports listed are >65k which seems to be odd as well)Wondering if anyone had figured out the correct way to “Identify Internet accessible nodes and container pods ( inbound from internet)?”. Thanks in advanceAgentLinux 6.6XPlatformUsing Lacework/OperationalizingCloudGCP

5351
A
1 year ago
LacerX
Lacer
LacerXLacer
asked in Vulnerability Management
How often are update CVEs?

AgentN/APlatformCurrentCloudN/A

9394
J
Lacer
1 year ago
LacerX
Lacer
LacerXLacer
asked in Vulnerability Management
How does Lacework know if a container/image is active?

AgentN/APlatformCurrentCloudN/A AgentN/APlatformCurrentCloudN/A

5341
LacerX
Lacer
1 year ago
LacerX
Lacer
LacerXLacer
asked in Vulnerability Management
Where does the data come from that Lacework uses to scan for vulnerabilities?

AgentN/APlatformCurrentCloudN/A

5101
LacerX
Lacer
1 year ago
LacerX
Lacer
LacerXLacer
asked in Vulnerability Management
Can Lacework import vulnerabilities from custom sources?

Can Lacework import vulnerabilities from custom sources? AgentN/APlatformCurrentCloudN/A

3931
LacerX
Lacer
1 year ago
sluglord9000
Lacer
sluglord9000Lacer
asked in Vulnerability Management
Should I use the inline scanner or container registry integration for Vulnerability Management?

AgentN/APlatformCurrentCloudN/A AgentN/APlatformCurrentCloudN/A

5671
Z
Lacer
1 year ago
timarenz
Lacer
timarenzLacer
asked in Vulnerability Management
Can the proxy scanner deployed on Kubernetes?

AgentN/APlatformN/ACloudN/A

5311
timarenz
Lacer
1 year ago

Badge winners

Show all badges
Terms of UseCookie settings