Registry
Xcitium CSPM tool provides with registry scan where we can onboard our Docker Hub, Nexus, GCR, and ECR registries. Once the registry is onboarded, the scanning of the registry starts automatically in the background. After the scanning is completed, the findings will be populated in the registry scan dashboard.
You can find more information on "View Registry Scan" on this page.
To Add Registry
To set up this integration, We need to Provide Registry name, description and Registry type which needs to integrated.
The following Registry Types are available to be integrated
- Elastic Container Registry (ECR)
- Docker Hub Registry
- Google Container Registry (GCR)
- Sonatype Nexus Repository
- Azure Container Registry (ACR)
- Harbor Registry
- Google Artifact Registry (GAR)
- Quay
- JFrog Artifactory
Amazon Elastic Container Registry (ECR)
Xcitium CSPM security tool scans images that are present in the onboarded Amazon Elastic Container Registry and identifies any known vulnerabilities and risks associated with those images. These are then categorized based on their severity. User will be getting comprehensive view of these risks and vulnerabilities in the dashboard which can be remediated.
Google Container Registry (GCR)
Google Container Registry with images once onboarded into Xcitium platform, the images are scanned. The risks and vulnerabilities associated with these images are identified and shown in the scan results. The vulnerabilities are classified based on the CVSS Scores.
Sonatype Nexus Registry
Xcitium CSPM Security leverages various open-source scanning tools to scan the images present in the onboarded Nexus Repository. It identifies the common vulnerabilities and exploits associated with those images and risks. These Vulnerabilities and risks are classified based on their severity.
DockerHub Registry
DockerHub Repositories can be integrated with Xcitium. Once these registries are onboarded, the images are scanned for vulnerabilities and risks. These findings are populated in the dashboard with Critical, High, low vulnerabilities.
Azure Container Registry (ACR)
Xcitium CSPM security tool scans images that are present in the onboarded Azure Container Registry and has the capability to find the risks and vulnerabilities associated with these images. The risks are identified and shown in the scan results. Users will be getting a comprehensive view of these risks and vulnerabilities in the dashboard which can be remediated.
Harbor Registry
Once Harbor Registry is onboarded in Xcitium, Scan will be initiated for that registry and come up with images and vulnerabilities. These Vulnerabilities and risks are classified based on their severity according to CVSS Scores. Here user can easily get to know about the image in detail such as security issues, Layers of the images, Sensitive data and Vulnerabilities present in their images.