To see the risks associated with a Kubernetes workload, perform the following procedure.

See also Kubernetes Risk Severity Scoring and Investigate Container Image Vulnerabilities.

Procedure

  1. On the left navigation pane, do one of the following depending on your system configuration and role:
    • If you have the Kubernetes Security DevOps or SecOps role and your system has only the Container security feature, click Inventory > Workloads.
    • If you have any other role and your system has Container security and other Carbon Black Cloud features, click Inventory > Kubernetes > Workloads.
  2. Click the hyperlinked name of the Workload in the second column.
  3. Click the Risk tab.

    Risk tab for a workload

    The following sections provide risk assessments and related information.

    • Risk Severity — Summarizes the risk severity associated with this workload.
    • Workload Configuration — Lists the workload configuration risks in order of risk severity.
    • Vulnerabilities — Lists the following details for vulnerabilities of this workload. You can search for a particular package or CVE to display in the table, and you can filter the list by severity.
      • Risk severity
      • Vulnerability name. Click on this hyperlink to view an overview of the vulnerability. In this panel, you can view all affected images, workloads, and exceptions.

        Overview of a vulnerability (risk)

      • Type
      • Package or library
      • Fix, if available
      • Affected images. Click any image name to open the related Container Image page.