Kennedy Sanchez:
Hi guys. Do you think Nessus vulnerability scanners are enough to look for vulnerabilities on Kubernetes infrastructure?
Michael J:
Hey, I’m not taking my CKS but I do use Tenable and Nessus at work.
I don’t think it would be enough to ensure your Kubernetes cluster is secure.
Ideally you’d want to have some vulnerability scanning implemented as a step in your CI/CD pipeline and potentially use another vulnerability scanner to actually check your application for vulnerabilities.
I think Tenable could definitely detect vulnerabilities in the underlying operating system which is arguably even more important to secure than the containers.