CVE Scanning with trivy
Automatically scrapes and scans all running container images for Common Vulnerabilities and Exposures (CVEs) using trivy. Apps can be blocked if they have severe vulnerabilities, with a clean exceptions management interface for your security team.
Compliance with Gatekeeper
m9sweeper provides a library of constraint templates with a simple interface for configuring compliance rules for OPA Gatekeeper. Exceptions can be requested and reviewed by your security team.
Intrusion Detection with Falco
Monitor applications for suspicious activity and/or intrusions by hackers (such as reverse shells) using Project Falco. Detect anomalies by receiving alerts whenever a new kind of suspicious behavior is detected.
Report on Security
Our software will automatically scrape what images you have running in Kubernetes and scan and build out reports detailing all security vulnerabilities that exist in the packages and libraries your code uses. And best of all, we use Kubernetes’ native APIs, so it is very low risk and installs in minutes.
Make Compliance Possible
While tools like Gatekeeper and Open Policy Agent are immensely valuable for describing compliance in Kubernetes, they are also extremely difficult to use. Minesweeper’s library of pre-made policies and simple graphical user interface (and exceptions management interface) makes being compliant easy and manageable for most DevOps teams.
Securing your Kubernetes Cluster Doesn’t Have to Be Hard.
We make it easy with a 5-minute install, automating scanning/scraping of what you already have running, and a simple reporting and exceptions management interface.
"I founded m9sweeper because I wanted to make sure nobody would ever need to write rego code ever again. "
– Jason Woodman – Co Founder