In the Security Center console, you can view security information about all pods, containers, and images on the Assets page. The information includes basic statistics and risk status. This topic describes how to search for a container and view the related security information.

Background information

Security Center detects threats to Kubernetes clusters. If you want to enable threat detection, go to the Settings page of the Security Center console and turn on Threat Detection in the K8s Threat Detection section. For more information, see Threat detection for Kubernetes containers.

Procedure

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, click Assets.
  3. On the Assets page, click the Container tab.
  4. On the Container tab, view the security information of a container.The Container tab on the Assets page
    You can perform the following operations:
    • View the details and risk status of a pod
      On the Pod tab, you can view all your pod assets. You can perform the following operations:
      • Filter pods

        You can specify conditions in the search box to filter pods. The conditions include Vul problems, Alert problems, and Instance ID. You can also view the details of pods. The details include the number of pods, Pod Name, At-risk/Total Container, Pod IP, Server, Cluster, and Risk State.

      • View the details of a pod

        Find the pod that you want to view and click Processing in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, alerts, and container information of the pod.

    • View the details and risk status of a container
      On the Container tab, click Container in the left-side section to view all your container assets. You can perform the following operations:
      • Filter containers

        You can specify conditions in the search box to filter containers. The conditions include Vul problems, Alert problems, and Instance ID. You can also view the details of containers. The details include the number of containers, Container ID, Alerts, Vul, Pod, Server, and Risk State.

      • View the details of a container

        Find the container that you want to view and click Processing in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, and alerts of the container.

    • View risky containers

      On the Container tab, click Risky Container(s) in the left-side section to view all containers that are at risk. Find the container that you want to view and click Processing in the Actions column. On the details page that appears, you can view the vulnerabilities and alerts of the container.

      The details page of a container
    • View the details and risk status of an image

      On the Container tab, click Image(s) in the left-side section to view all your image assets. You can perform the following operations:

      • Filter images by risk status or repository name

        You can specify conditions in the search box to filter images. The conditions include Vul problems, Alert problems, Instance ID, and repoName. You can also view the details of images. The details include Image Address/Label, Size, Region, Latest Detection Time, and Risk State.

      • View the vulnerability details of an image

        Find the image that you want to view and click Processing in the Actions column. On the page that appears, you can view the vulnerabilities on the container. The vulnerability details include notifications, the priority, the last time when the vulnerability was detected, the CVE ID, and the status.

        In the upper-right corner of the vulnerability list, you can filter vulnerabilities by priority. You can also search for specific vulnerabilities.

        If you want to view the details of a vulnerability, click Details in the Actions column. The details page that appears provides the affected assets, the command that can be used to fix the vulnerability, and other related details. For more information about image vulnerabilities, see Image security scan.Vulnerability details

References

Threat detection for Kubernetes containers

Image security scan

Use Runtime Security to monitor ACK clusters and configure alerts