Portshift Announces Open Source Kubei Container Runtime Scanning Software
March 23, 2020

Portshift introduced Kubei Open Source container scanning software.

Kubei is an open source Kubernetes runtime images scanning solution, presented to invite developer collaboration for the hardening of runtime environments.

Kubei identifies which pods were built from vulnerable images or contain newly discovered vulnerabilities, then it couples the Kubernetes information with vulnerability data for quick and easy remediation.

Traditionally, container scanning solutions have been used to detect vulnerabilities within the CI/CD development pipeline or within the image’s registry. This approach lacks the ability to observe running pods which were created before the image-scanning process took place. Portshift’s open source project introduces its technology to a broad community of DevOps/SRE teams involved with the deployment of containers -- their orchestration, management and security. With Kubei, scanning containers during runtime ensures strong security for Kubernetes clusters.

A powerful new solution for DevOps/SRE professionals, Kubei scans only images that are deployed in runtime that also include the scanning of non-registry images. It replaces the need to scan the entire images registry which contains many different versions and/or images that are not in use. The solution is easy to operate and integration with CI/CD pipeline tools is not a requirement. With Kubei:

1. The solution only scans deployed images. It provides accurate and real-time risk assessment, saving time and resources of scanning them offline.

2. All runtime images inside the cluster will be scanned, including non-registry images (whether coming from CI/CD or not), providing the organization with an extra layer of security.

Key capabilities of the new solution include one-click container configuration and discovery of vulnerabilities in runtime, throughout all Kubernetes clusters under management. Within minutes, Kubei summarizes and portraits all of the vulnerabilities existing in runtime deployments with an operational view. With this, DevOps will know immediately which containers have vulnerabilities, where these vulnerabilities exist (image, pod, container and namespace), and what needs to be patched or replaced.

"With the launch of Kubei, Portshift assists DevOps in maintaining development timelines, providing easy access and quick scanning of runtime (relevant) images on-demand," said Zohar Kaufman, Co-Founder and VP, R&D, Portshift. "The open-source tool couples Kubernetes information with the vulnerability data and includes context in addition to data for a much clearer picture of Kubernetes vulnerabilities in real-time."

Share this

Industry News

July 14, 2020

Perfecto by Perforce announced the launch of Android emulators and iOS simulators in its cloud testing platform.

July 14, 2020

SmartBear released new DevOps features in SwaggerHub, the company's API design and documentation platform.

July 14, 2020

Traceable, a new end-to-end application security monitoring platform, launched from stealth today with $20M in series A funding from Unusual Ventures and BIG Labs.

July 13, 2020

Docker announced a collaboration with Amazon Web Services (AWS) to simplify the lives of developers by allowing them to focus on application development, streamlining the process of deploying and managing containers in AWS from their local development environment.

July 13, 2020

Perforce Software announced the release of a combined JRebel and XRebel plugin for the Eclipse IDE.

July 13, 2020

Spectro Cloud announced that its first product—Spectro Cloud—is now generally available.

July 09, 2020

ShiftLeft released a new version of NextGen Static Analysis (NG SAST), including new workflows, purpose-built for developers that significantly improve security, while enhancing productivity.

July 09, 2020

RunSafe Security announced a partnership with JFrog that will enable RunSafe to supercharge binary protections via a simple plugin that JFrog users can deploy within their Artifactory repositories and instantly protect binaries and containers.

July 09, 2020

LeanIX closed $80 million in Series D funding led by new investor Goldman Sachs Growth.

July 08, 2020

Afi.ai introduced Afi Data Platform, a cloud-based replication and resiliency service that helps to monitor, predict downtime and recover K8s applications.

July 08, 2020

D2iQ announced the release of Conductor, a new interactive learning platform that enables enterprises to access hands-on cloud native courses and training.

July 08, 2020

SUSE entered into a definitive agreement to acquire Rancher Labs.

July 07, 2020

Micro Focus announced AI-powered enhancements to the intelligent testing capabilities of the UFT Family, a unified set of solutions designed to reduce the overall complexity of automating the functional testing processes.

July 07, 2020

Push Technology announced the launch of a new Service API capability for Diffusion Cloud, Push’s Real-Time API Management Cloud Platform.

July 07, 2020

Lightrun exited stealth and announced $4M in seed funding for the first complete continuous debugging and observability platform for production applications.