VMware Carbon Black Container Kubernetes Sensor 3.0.0

Check for additions and updates to these release notes.

What's New

  • Cloud Native Detect & Response - Kubernetes Support in Carbon Black Cloud

    • This is the first Kubernetes Sensor release that supports the Cloud Native Detect & Response feature.

    • Cloud Native Detection &Response (CNDR) provides VMware Carbon Black customers with unified visibility, security, and control in highly dynamic and complex modern application environments.

    • CNDR is only supported when paired with Carbon Black Container Operator 6.0.0 and above.

  • Image Secret Detection

    • Secret detection is included in the cluster scanning agent bundle. When installed, it scans for secrets in all existing images and continuously scans newly deployed images.

    • Secret detection is only supported when paired with Carbon Black Container operator 6.0.0 and above.

    • Secret scanning is disabled by default.

  • Update cbctl to version 1.10.0

  • Upgrade golang version to 1.20.7

Resolved Issues

  • CNS-3259: Failed to extract image manifest in OpenShift environment

  • CNS-3260: Failed to copy image with signed content

Known Issues

  • CNS-3273: Sensor cannot find kernel headers on Amazon Linux 4.14

  • CNS-3289: Operator and Agent do not start on Openshift with default SCC

  • CNS-3212: Network events do not appear in Kubernetes sensors

  • CNS-3114: nsenter command in a container is not protected by the Kubernetes sensor

check-circle-line exclamation-circle-line close-line
Scroll to top icon