search

CVE Scanning

K2 will scan software components to find CVEs in the application and server environment along with remediation steps.

hashtag
CVE Scanning with K2 Platform

In this section, we outline the steps for CVE Scanning using the K2 Platform.

hashtag
Step 1 : K2 Portal and Account Creation

In order to use K2 Platform You need to create an account on K2 Portal.

K2 Portal can be used as SaaS model or you can deploy entire portal on your On-Premises.

K2 Platform is offered as SaaS software and can be used directly visiting SaaS portal i.e. https://k2io.net or if you are an AWS customer then you can buy subscription to K2 SaaS portal on AWS Marketplace.

For more details checkout our page

K2 Portal As SaaSchevron-right
circle-info

At this point you have successfully created an account with K2 Portal.

hashtag
Step 2 : K2 Agents Installation

Install K2 Agent in your environment to perform CVE Scan in your applications.

Choose the environment from tabs below and follow the instructions for agent installation.

circle-info

We recommend to choose IAST as your environment and download K2 Installer/Yaml files if you have enabled CVE scanning on K2 Portal.

Checkout our K2 Agents Installation Page for Node/VM/EC2

Node/VM/EC2chevron-right

hashtag
Step 3 : Protect Web Application

‌To protect your web applications and APIs, your application must be started with K2's Language Agent.

Please choose your platform and go through K2's language agent installation from below tabs and follow instructions

Checkout our Java Language Agent Installation Page

Javachevron-right

hashtag
Step 4 : Enable CVE Scanning

circle-check

In order to enable CVE scanning, Make sure You have installed Agents in IAST mode. You can also confirm from protected applications that you are using IAST group.

hashtag
Step 1 : Login to K2 portalarrow-up-right

hashtag
Step 2 : Open Policy Tab

To enable Enable CVE scanning which will help us eventually detect CVEs automatically, Go to Policy arrow-up-rightTab and subsequently Web Applications sub page.

hashtag
Step 3 : Edit Policy

Click on Edit/Show policy at the right side on your IAST policy.

hashtag
Step 4 : Go to Agent Policyarrow-up-right

Enable CVE Scanning and set sub properties of CVE scanning as per your requirements.

hashtag
Step 5 : Check Results

Reported CVEs can be found in application page under Vulnerabilities view.

CVE Vulnerabilitiesarrow-up-right

PreviousPreparing IdentifierNextRuntime Protection

Last updated

Was this helpful?