{"id":6013,"date":"2019-08-15T16:49:10","date_gmt":"2019-08-15T09:49:10","guid":{"rendered":"http:\/\/gcloudvn.wam.vn\/ung-dung-quet-lo-hong-bao-mat-tren-gke-va-compute-engine-duoc-ra-mat\/"},"modified":"2023-07-14T10:47:57","modified_gmt":"2023-07-14T03:47:57","slug":"ung-dung-quet-lo-hong-bao-mat-tren-gke-va-compute-engine-duoc-ra-mat","status":"publish","type":"post","link":"https:\/\/gcloudvn.com\/en\/kienthuc\/ung-dung-quet-lo-hong-bao-mat-tren-gke-va-compute-engine-duoc-ra-mat\/","title":{"rendered":"GKE and Compute Engine Vulnerability Scanner App Launched"},"content":{"rendered":"<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">As the number of platforms you build and your applications on increases, the main challenge is understanding what applications you have deployed and what their security status is. If it&#039;s not visible, it can be difficult to tell if there are any potential vulnerabilities in your applications.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Today, we are pleased to announce the official launch of the tool <\/span><span style=\"font-weight: 400;\">Cloud Security Scanner<\/span><span style=\"font-weight: 400;\"> give <\/span><span style=\"font-weight: 400;\">Google Kubernetes Engine (<a href=\"https:\/\/gcloudvn.com\/en\/google-kubernetes-engine-gke\/\">GKE<\/a>)<\/span><span style=\"font-weight: 400;\"> and <\/span><a href=\"https:\/\/gcloudvn.com\/en\/compute-engine\/\"><span style=\"font-weight: 400;\">Google Compute Engine<\/span><\/a><span style=\"font-weight: 400;\">, join Cloud Security Scanner for <\/span><a href=\"https:\/\/gcloudvn.com\/en\/app-engine\/\"><span style=\"font-weight: 400;\">Google App Engine<\/span><\/a><span style=\"font-weight: 400;\">. Now, no matter where you run your application on <a href=\"https:\/\/gcloudvn.com\/en\/google-cloud-platform\/\">Cloud Google<\/a>, you can quickly gain insight into your web application vulnerabilities and take action before bad actors can exploit them.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Web application vulnerabilities can occur during development. Some of these vulnerabilities include incorrect setup of the application&#039;s security framework, incorrect deployment of the application into production environments, or patched or updated systems.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Cloud Security Scanner can find a wide range of web application vulnerabilities in search; Here are a few examples of its capabilities:<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Identify and notify you of common external vulnerabilities in your applications such as Flash Injection or mixed content<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Detects vulnerabilities like cross-site scripting bugs caused by JavaScript bugs<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Warns you of GIT and SVN accessibility.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Addressing content vulnerabilities that man-in-the-middle attackers can exploit to take control of the website, leading to resource overload or stopping user actions.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Alerts you if an application is showing signs of converting passwords to plain text, or displaying HTTP header errors, including typos or mismatched values in the header.<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-14591 size-full\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2019\/08\/unnamed-1.png\" alt=\"Security vulnerability scanning application on GKE and Compute Engine was released 1\" width=\"512\" height=\"236\" \/><\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-14592 size-large\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2019\/08\/pasted-image-0-3-1024x477.png\" alt=\"Security Vulnerability Scanning Application on GKE and Compute Engine Launched\" width=\"1024\" height=\"477\" \/><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Cloud Security Scanner handles those security holes as well as searches in <\/span><span style=\"color: #0000ff;\"><span style=\"font-weight: 400;\">Cloud Security Command Center<\/span><\/span><span style=\"font-weight: 400;\"> (Cloud SCC), or Cloud Security Posture Management (CSPM) tool, so you will be able to capture missing configurations, system weaknesses, and threats, so you can quickly respond to scenarios. on the dashboard. Then, when you click search, you can see a description of the problem\/issue with advice on how to fix it and prevent it from happening in the future.<\/span><\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-14594 size-full\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2019\/08\/unnamed-2.png\" alt=\"Security vulnerability scanning application on GKE and Compute Engine was released 3\" width=\"512\" height=\"288\" \/><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Cloud Security Scanner is not enabled by default. To activate it, you need to complete the steps in <\/span><a href=\"https:\/\/cloud.google.com\/security-command-center\/docs\/how-to-view-vulnerabilities-threats\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">quickstart<\/span><\/a><span style=\"font-weight: 400;\"> then visit the Security Sources section in Cloud SCC to make sure the functionality is enabled. You can also create custom scan scenarios for your application using Cloud Security Scanner UI. once Cloud Security Scanner is enabled, it will scan your application, scan for all the links you assign, and try to execute as many users request and evaluate if the requests are processed. The scan uses Chrome and Safari browsers, and is embedded with the Blackberry mobile platforms and Nokia phones. You can even schedule periodic scans.<\/span><\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-14595 size-large\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2019\/08\/pasted-image-0-4-1024x451.png\" alt=\"Security vulnerability scanning application on GKE and Compute Engine was released 4\" width=\"1024\" height=\"451\" \/><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">To add an extra layer of protection to applications running on GKE servers, you can use the tool <\/span><span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/cloud.google.com\/container-registry\/docs\/get-image-vulnerabilities\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">Container Registry vulnerability scanning<\/span><\/a><\/span><span style=\"font-weight: 400;\"> to check for vulnerabilities in container images before deploying to production.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Get started with Cloud Security Scanner easily and secure your apps. If you are new to GCP, you can start using GCP and enable Cloud SCC and Cloud Security Scanner. If you are already using GCP, you can easily enable Cloud Security Scanner from Security Sources in Cloud SCC, and use it for free. For more detailed information about Cloud Security Scanner, read<\/span><span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/cloud.google.com\/security-scanner\/\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\"> add this document<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/span><\/p>\n<p style=\"text-align: right;\"><strong>Source: Gimasys<\/strong><\/p>","protected":false},"excerpt":{"rendered":"<p>As the number of platforms you build and your applications increase, the main challenge is to understand what applications you have deployed and their security status is\u2026<\/p>","protected":false},"author":1,"featured_media":6014,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-6013","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kienthuc","entry","has-media"],"_links":{"self":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts\/6013","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/comments?post=6013"}],"version-history":[{"count":0,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts\/6013\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/media\/6014"}],"wp:attachment":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/media?parent=6013"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/categories?post=6013"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/tags?post=6013"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}