Enable Threat Management on GCP AR

This topic explains how to authorize and enable Prevasio Threat Management with GCP Artifact Registry (AR) to scan and secure your continuous delivery (CD) cycle and prevent threats from reaching your container-based workloads.

This breaks the cycle of continuously delivering critically vulnerable, compromised, or risky-behavior images by isolating high-risk images in a non-intrusive way, which removes the concern of breaking your company's cloud business logic. If malicious content or vulnerabilities are found in your scanned images, Prevasio protects your workloads by preventing their use.

Prevasio sends email alerts about any violation of the built-in rules. Alerts include information about detected risks such as malware, known-to-be-exploited CVEs, and ransomware patterns such as exploited domains and ports.

Note: Threat management rule sets that form the basis of Prevasio's scanning mechanism are defined in Threat Management.

Configure and Enable GCP AR Continuous Deployment (CD)

Configure and Enable Prevasio's Container Workload Security with GCP AR Continuous Deployment (CD).

Do the following:

  1. Ensure your GCP projects are assigned all necessary Prevasio roles. See Roles and APIs required by Prevasio to scan your GCP projects.
  2. From the Main menu, select Integrations > Cloud CD Security and select the GCP tab.

  3. Set or edit details:

    | Item | Description |
    |------|-------------|
    | Enable Threat Management Rules for GAR | Select to enable this feature. When enabled, if the built-in blocking rules are triggered by a security violation, the risky image will be locked to prevent any GCP container-capable service from pulling it. |
    | Minimum locking level | Set the minimum level of risk severity detected that will trigger the built-in rules to lock the risky image. Available risk levels are: Medium, High, and Critical. |
    | Notification email addresses | Notification emails will be sent to the specified email addresses when an image is locked. |
  4. In the email pop-up dialog, click Save to save the addresses that were added or removed.

 

Next steps: