CVE Scanning
K2 will scan software components to find CVEs in the application and server environment along with remediation steps.
CVE Scanning with K2 Platform
In this section, we outline the steps for CVE Scanning using the K2 Platform.
Step 1 : K2 Portal and Account Creation
In order to use K2 Platform You need to create an account on K2 Portal.
K2 Portal can be used as SaaS model or you can deploy entire portal on your On-Premises.
K2 Platform is offered as SaaS software and can be used directly visiting SaaS portal i.e. https://k2io.net or if you are an AWS customer then you can buy subscription to K2 SaaS portal on AWS Marketplace.
For more details checkout our page
K2 Portal As SaaSStep 2 : K2 Agents Installation
Install K2 Agent in your environment to perform CVE Scan in your applications.
Choose the environment from tabs below and follow the instructions for agent installation.
Checkout our K2 Agents Installation Page for Node/VM/EC2
Node/VM/EC2Step 3 : Protect Web Application
To protect your web applications and APIs, your application must be started with K2's Language Agent.
Please choose your platform and go through K2's language agent installation from below tabs and follow instructions
Checkout our Java Language Agent Installation Page
JavaStep 4 : Enable CVE Scanning
In order to enable CVE scanning, Make sure You have installed Agents in IAST mode. You can also confirm from protected applications that you are using IAST group.
Step 1 : Login to K2 portal
Step 2 : Open Policy Tab
To enable Enable CVE scanning which will help us eventually detect CVEs automatically, Go to Policy Tab and subsequently Web Applications sub page.
Step 3 : Edit Policy
Click on Edit/Show policy at the right side on your IAST policy.
Step 4 : Go to Agent Policy
Enable CVE Scanning and set sub properties of CVE scanning as per your requirements.
Step 5 : Check Results
Reported CVEs can be found in application page under Vulnerabilities view.
Last updated
Was this helpful?