The Assets page in the Security Center console provides security information about all container assets. The information includes statistics and the risk status of applications, clusters, pods, containers, namespaces, and images. This topic describes how to search for a container and view its security information.

Background information

Security Center detects threats to Kubernetes clusters. If you want to enable threat detection, navigate to the Settings page of the Security Center console and turn on Threat Detection in the K8s Threat Detection section. For more information, see Use threat detection on Kubernetes containers.

Procedure

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, click Assets.
  3. On the Assets page, click the Container tab.
  4. On the Container tab, view the security information of a container.
    You can perform the following operations:
    • View the details and risk status of all applications
      On the Container tab, click All Applications in the navigation tree to view the information about all applications. You can perform the following operations:
      • Filter applications

        You can specify conditions in the search box to filter applications. The conditions include Vul problems, Alert problems, and Cluster ID. You can view the details of all applications, including the number of all applications, names, cluster to which the applications belong, cluster creation time, and risk status.

      • View application details

        Find the application that you want to view and click Process in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, alerts, and pod information of the application.

    • View risky applications

      On the Container tab, click Application at risk in the navigation tree to view all risky applications. Find the application that you want to view and click Process in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, alerts, and pod information of the application.

    • View the details and risk status of a cluster
      On the Container tab, click Cluster in the navigation tree to view all your clusters. You can perform the following operations:
      • Filter clusters

        You can specify conditions in the search box to filter clusters. The conditions include Vul problems, Alert problems, and Cluster ID. You can view the details of all clusters, including the number of clusters, cluster names, cluster IDs, cluster types, regions, number of servers, cluster creation time, cluster status, and risk status.

      • View cluster details

        Find the cluster that you want to view and click Process in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, alerts, pods, and servers.

    • View the details and risk status of a pod
      On the Container tab, click Pod in the navigation tree to view all your pods. You can perform the following operations:
      • Filter pods

        You can specify conditions in the search box to filter pods. The conditions include Vul problems, Alert problems, and Instance ID. You can also view the details of pods. The details include the number of pods, Pod Name, At-risk/Total Container, Pod IP, Server, Cluster, and Risk State.

      • View the details of a pod

        Find the pod that you want to view and click Process in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, alerts, and container information of the pod.

    • View the details and risk status of a container
      On the Container tab, click Container in the navigation tree to view all your containers. You can perform the following operations:
      • Filter containers

        You can specify conditions in the search box to filter containers. The conditions include Vul problems, Alert problems, and Container ID. You can also view the details of containers, including the number of containers, Container ID, Alerts, Vul, Pod, Server, and Risk State.

      • View the details of a container

        Find the container that you want to view and click Process in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, and alerts of the container.

    • View risky containers

      On the Container tab, click Risky Container(s) in the navigation tree to view all containers that are at risk. Find the container that you want to view and click Process in the Actions column. On the details page that appears, you can view the vulnerabilities and alerts of the container.

    • View the details and risk status of a namespace
      On the Container tab, click Namespaces in the navigation tree to view all your namespaces. You can perform the following operations:
      • Filter namespaces

        You can specify conditions in the search box to filter namespaces. The conditions include Vul problems, Alert problems, Cluster ID, and Namespace. You can view the details of all namespaces, including the names, cluster to which the namespaces belong, creation time, and risk status.

      • View the details of a namespace

        Find the namespace that you want to view and click Process in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, alerts, pods, and applications.

    • View the details and risk status of an image

      On the Container tab, click Image(s) in the navigation tree to view all your images. You can perform the following operations:

      • Filter images

        You can specify conditions in the search box to filter images. The conditions include Vul problems, Alert problems, Instance ID, and repoName. You can also view the details of images, including Image Address/Label, Size, Region, Latest Detection Time, and Risk State.

      • View the vulnerability details of an image
        Find the image that you want to view and click Process in the Actions column. On the details page that appears, you can view information about the vulnerabilities detected by Security Center. The vulnerabilities include image system vulnerabilities, image application vulnerabilities, image baseline risks, and malicious image samples.

        In the upper-right corner of the vulnerability list, you can filter vulnerabilities by priority. You can also search for specific vulnerabilities.

        If you want to view the details of a vulnerability, click Details in the Actions column. The details page that appears provides the affected assets, the command that can be used to fix the vulnerability, and other details. For more information about image vulnerabilities, see View container image scan results.
      • View images of Alibaba Cloud Container Registry, Harbor repositories, or Quay repositories

        On the Container tab, click Commercial ACR, Free ACR, Harbor, or Quay in the navigation tree to view Container Registry instances of the Enterprise edition (paid edition), default Container Registry instances (free of charge), or third-party image repositories that are added to Security Center. For more information about how to add third-party image repositories to Security Center, see Add third-party image repositories to Security Center.

References

Container security

Use container network topology

Use threat detection on Kubernetes containers

Use the container signature feature

View container image scan results

Use Runtime Security to monitor ACK clusters and configure alerts