The Assets page in the Security Center console provides security information about all container assets. The information includes statistics and risk status of applications, clusters, pods, containers, namespaces, and images. This topic describes how to search for a container and view its security information.

Background information

Security Center detects threats to Kubernetes clusters. If you want to enable threat detection, navigate to the Settings page of the Security Center console and turn on Threat Detection in the K8S Threat Detection section. For more information, see Threat detection for Kubernetes containers.

Procedure

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, click Assets.
  3. On the Assets page, click the Container tab.
  4. On the Container tab, view the security information of a container.
    You can perform the following operations:
    • View the details and risk status of all applications
      On the Container tab, click All Applications in the navigation tree to view the information about all applications. You can perform the following operations:
      • Filter applications

        You can specify conditions in the search box to filter applications. The conditions include Vul problems, Alert problems, and Cluster ID. You can view the details of all applications, including the number of applications, application name, cluster to which the application belongs, cluster creation time, and risk status.

      • View application details

        Find the application that you want to view and click Processing in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, alerts, and pod information of the application.

    • View risky applications

      On the Container tab, click Risky Applications in the navigation tree to view all risky applications. Find the application that you want to view and click Processing in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, alerts, and pod information of the application.

    • View the details and risk status of a cluster
      On the Container tab, click Clusters in the navigation tree to view all your clusters. You can perform the following operations:
      • Filter clusters

        You can specify conditions in the search box to filter clusters. The conditions include Vul problems, Alert problems, and Cluster ID. You can view the details of all clusters, including the number of clusters, cluster name or ID, cluster type, region, number of servers, cluster creation time, cluster status, and risk status.

      • View cluster details

        Find the cluster that you want to view and click Processing in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, alerts, pods, and servers.

    • View the details and risk status of a pod
      On the Container tab, click Pod in the navigation tree to view all your pods. You can perform the following operations:
      • Filter pods

        You can specify conditions in the search box to filter pods. The conditions include Vul problems, Alert problems, and Instance ID. You can also view the details of pods, including the number of pods, Pod Name, At-risk/Total Container, Pod IP, Server, Cluster, and Risk State.

      • View the details of a pod

        Find the pod that you want to view and click Processing in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, alerts, and container information of the pod.

    • View the details and risk status of a container
      On the Container tab, click Container in the navigation tree to view all your containers. You can perform the following operations:
      • Filter containers

        You can specify conditions in the search box to filter containers. The conditions include Vul problems, Alert problems, and Container ID. You can also view the details of containers, including the number of containers, Container ID, Alerts, Vul, Pod, Server, and Risk State.

      • View the details of a container

        Find the container that you want to view and click Processing in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, and alerts of the container.

    • View risky containers

      On the Container tab, click Risky Container(s) in the navigation tree to view all containers that are at risk. Find the container that you want to view and click Processing in the Actions column. On the details page that appears, you can view the vulnerabilities and alerts of the container.

    • View the details and risk status of a namespace
      On the Container tab, click Namespace in the navigation tree to view all your namespaces. You can perform the following operations:
      • Filter namespaces

        You can specify conditions in the search box to filter namespaces. The conditions include Vul problems, Alert problems, Cluster ID, and Namespace. You can view the details of all namespaces, including the namespace name, cluster to which the namespace belongs, and namespace creation time.

      • View the details of a namespace

        Find the namespace that you want to view and click Processing in the Actions column. On the details page that appears, you can view the basic information, vulnerabilities, alerts, pods, and applications.

    • View the details and risk status of an image

      On the Container tab, click Image(s) in the navigation tree to view all your images. You can perform the following operations:

      • Filter images

        You can specify conditions in the search box to filter images. The conditions include Vul problems, Alert problems, Instance ID, and repoName. You can also view the details of images, including Image Address/Label, Size, Region, Latest Detection Time, and Risk State.

      • View the vulnerability details of an image
        Find the image that you want to view and click Processing in the Actions column. On the details page that appears, you can view information about the vulnerabilities detected by Security Center. The information includes image system vulnerabilities, application vulnerabilities, and malicious samples.

        In the upper-right corner of the vulnerability list, you can filter vulnerabilities by priority. You can also search for specific vulnerabilities.

        If you want to view the details of a vulnerability, click Details in the Actions column. The details page that appears provides the affected assets, the command that can be used to fix the vulnerability, and other details. For more information about image vulnerabilities, see Configure image security scanning.

References

Container security

Threat detection for Kubernetes containers

Configure image security scanning

Use Runtime Security to monitor ACK clusters and configure alerts