GUAC v0.14.0 includes a Kubescape collector that can be run inside your Kubernetes cluster to watch for new scan results from Kubescape and ingest those results into GUAC.
March 27, 2025
This post is republished with modifications from the GUAC blog.
The newly-released GUAC v0.14.0 adds support for collecting runtime SBOMs from Kubescape. Kubescape is an open source Kubernetes security platform that provides comprehensive security coverage, from left to right across the entire development and deployment lifecycle. It offers hardening, posture management, and runtime security capabilities to ensure robust protection for Kubernetes environments.
When Kubescape is installed as an Operator in your Kubernetes cluster, it can continuously scan all running containers for contents and vulnerabilities. These scan results can be accessed as custom resources through the Kubernetes API server. Additionally, Kubescape can filter the SBOM scan results by relevancy, based on eBPF observation.
With GUAC being the prime system resource for collating and correlating data from across your supply chain, it only made sense to enable GUAC to incorporate these Kubescape results. GUAC’s new ability to analyze both build-time and run-time SBOMs in a single GraphQL API enables exciting new insights. We will explore some of those in our KubeCon EU session “Why Don’t We Have Both? Track Build- and Run-time Information for Security With Kubescape and GUAC.” Please join us there or look out for the recording.
If you will be in London for KubeCon, please join the DevSecOps on the Rocks party co-hosted by Kusari. You can also stop by the Kusari (S482) or ARMO (N452) booths to learn more about GUAC and Kubescape.