Portshift Introduces Kubernetes Scanning Tool to Detect Vulnerabilities

Portshift, a provider of cloud-native workload protection, is releasing Kubei Open Source container scanning software, enhancing security and remediation.

"With the launch of Kubei, Portshift assists DevOps in maintaining development timelines, providing easy access and quick scanning of runtime (relevant) images on-demand," said Zohar Kaufman, co-founder and VP, R&D, Portshift. "The open-source tool couples Kubernetes information with the vulnerability data and includes context in addition to data for a much clearer picture of Kubernetes vulnerabilities in real-time."

Kubei is an open source Kubernetes runtime images scanning solution, presented to invite developer collaboration for the hardening of runtime environments.

Kubei identifies which pods were built from vulnerable images or contain newly discovered vulnerabilities, then it couples the Kubernetes information with vulnerability data for quick and easy remediation.

Portshift’s open source project introduces its technology to a broad community of DevOps/SRE teams involved with the deployment of containers including their orchestration, management and security. With Kubei, scanning containers during runtime ensures strong security for Kubernetes clusters.

Kubei scans only images that are deployed in runtime that also include the scanning of non-registry images.

It replaces the need to scan the entire images registry which contains many different versions and/or images that are not in use. The solution is easy to operate and integration with CI/CD pipeline tools is not a requirement.

Key capabilities of the new solution include one-click container configuration and discovery of vulnerabilities in runtime, throughout all Kubernetes clusters under management.

Within minutes, Kubei summarizes and portraits all of the vulnerabilities existing in runtime deployments with an operational view.

With this, DevOps will know immediately which containers have vulnerabilities, where these vulnerabilities exist (image, pod, container and namespace), and what needs to be patched or replaced.

To learn more about this news, visit