The Yandex Cloud platform has opened general access to its Vulnerability Scanner. This technology allows platform users to more effectively assess and improve the security level of their cloud IT projects.
The scanner is part of the Yandex Container Registry service for managing container images and can be configured via the web interface. This eliminates the need for information security specialists and DevOps to spend time setting up and maintaining the product.
The scanner checks for vulnerabilities in images containing components and dependencies required for the correct operation of applications. It then compares the content of the selected image with the largest known databases of vulnerabilities. As a result, the user receives a detailed report with identified security issues and possible fixes.
Users can manage Vulnerability Scanner settings, such as enabling automatic scanning for all new images. They can also choose the type of scan: use the function for the entire registry or individual repositories. The company promises that it will be possible to enable the Vulnerability Scanner on a schedule in the future.
“Many of our users develop applications on the cloud platform to reduce time-to-market and simplify development organization. Therefore, we pay special attention to ensuring that development on the cloud platform is not only fast and convenient, but also secure. The introduction of a vulnerability scanner into Yandex Cloud will make it possible to more effectively implement DevSecOps – secure development practices,” said Grigory Atrepiev, Yandex Cloud Product Director.
It is reported that the first six scans are free, and then the cost of one scan will be 13 rubles. The scanner can be integrated into the development pipeline as part of the Yandex Managed Service for the GitLab DevOps platform.
