Security ScanningImage Security

Image Security

Scan container images for known vulnerabilities (CVEs) and security issues in your Kubernetes cluster.

Image Security Overview
Container Image Security scanning interface

Overview

Image Security allows you to analyze container images running in your cluster for known vulnerabilities. It identifies CVEs (Common Vulnerabilities and Exposures) and provides severity ratings to help you prioritize remediation efforts.

Image scanning runs both automatically in the background and on demand, so you can rely on continuous coverage while still triggering a fresh scan whenever needed.

Scoped per cluster: Image Security results are shown per cluster. Use the cluster selector at the top of the page to choose a specific cluster, or select All clusters to view an aggregated overview.

Features

  • Vulnerability Detection - Identify known CVEs in container images
  • Severity Classification - Vulnerabilities are classified as Critical, High, Medium, or Low
  • Image Inventory - See all container images running in your cluster
  • Scan on Demand - Run scans whenever needed

How to Use

Starting a Vulnerability Scan

  1. Navigate to Security > Security Scanning > Image Security
  2. Click the Scan Images button in the top right corner
  3. Wait for the scan to complete
  4. Review the results in the dashboard

Understanding Results

After a scan completes, you’ll see:

MetricDescription
Total ImagesNumber of container images scanned
VulnerabilitiesTotal number of CVEs found
CriticalVulnerabilities requiring immediate attention
HighSerious vulnerabilities to address soon
Medium/LowLess urgent issues to plan for

Best Practices

  1. Regular Scanning - Run scans regularly to catch new vulnerabilities
  2. Update Images - Keep base images up to date with security patches
  3. Use Minimal Images - Prefer slim/alpine variants to reduce attack surface
  4. Review Critical First - Prioritize critical and high severity findings

Next Steps