Cisco Panoptica adds security to your cloud-native environments starting in the CI/CD pipeline. Using plugins for popular CI tools, such as Jenkins, Panoptica pulls information about your bonafide workloads, and uses it to create an identity for them.
The plugins also scan images for vulnerabilities, as they are built in the pipeline. Using the CI/CD Scan Policy, the plugin can be configured to fail a build if vulnerabilities exceeding a specified severity level are found, or allow the build to proceed.
Later, using plugins in the CD stage, Panoptica obtains information about workloads that are about to be deployed in your environments. Using this, and the information obtained earlier, in the CI stage, Panoptica can monitor your workloads, and apply runtime policies to them to control the activities in your environments.
Panoptica has plugins and integrations for a number of CI/CD tools.
Alternatively, Panoptica can obtain the information it needs from your CI tools, using the Docker plugin.
Downstream, plugins in CD tools such as Helm plugin provide information about workloads about to be deployed to your environments. This information, together with the information from the CI plugins, indicates to Panoptica when to start tracking your workloads, and apply policies to them.
Updated 7 months ago