Inspecting Live Software Components

JFrog Security User Guide

This guide provides instructions on inspecting live software components using the Runtime Live Assessment capability. This enables you to view and search live runtime information, identify potential security risks, and monitor the health of your runtime environments.

Warning

Data in the Live Assessment is retained for 10 days before deletion.

Active Components Runtime Inspects

| Runtime Component | Description |
| --- | --- |
| Images | Packaged files containing code and configurations needed to run applications, traceable to their source in JFrog Artifactory. |
| Workloads | Applications and services actively running in Kubernetes clusters, managed by resources like Deployments, StatefulSets, or DaemonSets. |
| Processes | Individual executable instances within workloads, detailed with vulnerability data for monitoring and risk management. |

Risks Runtime Alerts Against

| Risk | Description |
| --- | --- |
| Malicious Packages | Detects harmful code within software components. |
| Untrusted Images | Identifies images from unverified registries. |
| Critical Applicable CVEs | Highlights critical vulnerabilities identified through contextual analysis. |
| Integrity Violations | Flags discrepancies between Artifactory images and running cluster binaries. |
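
As an added illustration (not JFrog code, and not how Runtime computes its alerts), the following Python example applies two ideas from the table above, registry trust and image integrity, to pod data in the shape returned by `kubectl get pods -A -o json`. The registry host, the digest table and the sample pods are constructed assumptions, and comparing image digests is a coarse image-level stand-in for the binary-level integrity check the table describes.

```python
import json

REG = "artifactory.example.com"   # assumption: hypothetical trusted registry host
TRUSTED_REGISTRIES = {REG}

# Assumption: digest recorded at the source registry for each image:tag (constructed).
EXPECTED_DIGESTS = {
    REG + "/docker-local/api:1.4.2": "sha256:" + "a" * 64,
    REG + "/docker-local/worker:2.0.0": "sha256:" + "b" * 64,
}

def _pod(ns, name, image, image_id):
    """Build a pod record trimmed to the fields this example reads."""
    return {"metadata": {"namespace": ns, "name": name},
            "status": {"containerStatuses": [{"image": image, "imageID": image_id}]}}

# Constructed sample standing in for `kubectl get pods -A -o json` output.
SAMPLE_PODS = json.dumps({"items": [
    _pod("prod", "api-7d9f", REG + "/docker-local/api:1.4.2",
         REG + "/docker-local/api@sha256:" + "a" * 64),
    _pod("prod", "worker-55c1", REG + "/docker-local/worker:2.0.0",
         "docker-pullable://" + REG + "/docker-local/worker@sha256:" + "c" * 64),
    _pod("dev", "debug-tools", "nginx:latest",
         "docker.io/library/nginx@sha256:" + "d" * 64),
]})

def registry_of(image):
    """Return the registry host of an image reference (Docker Hub when none is given)."""
    first, sep, _ = image.partition("/")
    if sep and ("." in first or ":" in first or first == "localhost"):
        return first
    return "docker.io"

def running_digest(image_id):
    """Extract 'sha256:...' from an imageID such as 'docker-pullable://repo@sha256:...'."""
    _, sep, digest = image_id.rpartition("@")
    return digest if sep and digest.startswith("sha256:") else None

def assess(pods_json):
    """Return (namespace/pod, image, finding) tuples for every container that fails a check."""
    findings = []
    for pod in json.loads(pods_json)["items"]:
        where = f'{pod["metadata"]["namespace"]}/{pod["metadata"]["name"]}'
        for cs in pod.get("status", {}).get("containerStatuses", []):
            image = cs["image"]
            if registry_of(image) not in TRUSTED_REGISTRIES:
                findings.append((where, image, "untrusted-registry"))
                continue
            # Fail closed: an unknown tag or a missing digest counts as a mismatch.
            actual = running_digest(cs.get("imageID", ""))
            if actual is None or actual != EXPECTED_DIGESTS.get(image):
                findings.append((where, image, "digest-mismatch"))
    return findings
```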

Inspecting Images in Runtime

Gain comprehensive visibility into runtime images by tracing them back to their JFrog Artifactory source, evaluating usage, and identifying security risks. Quickly spot untrusted sources, integrity violations, and critical CVEs, with key details like the highest risk level, total vulnerabilities, and tag-specific insights to prioritize remediation. By detecting discrepancies between Artifactory images and running binaries, you can proactively mitigate risks and strengthen your runtime security.

Accessing Image Information

Image information includes the number of associated workloads, cluster and namespace details, the image path in Artifactory, associated deployer information, and a list of vulnerabilities.

1. From the JFrog Platform, under Runtime, select Live Assessment.

2. Select the Images tab to view all detected images.

3. Select an image.

4. Click on the desired image tag from the Images tab.

Inspecting Workloads in Runtime

Inspect workloads in your runtime environment with Runtime Live Assessment to monitor active applications, identify security risks, and gain infrastructure-wide insights. Workloads, managed by Kubernetes resources like Deployments, StatefulSets, DaemonSets, or Jobs, consist of containers linked to images and running processes. The Workloads Table highlights risks such as integrity violations, untrusted registries, critical CVEs, and malicious packages, along with total vulnerabilities, workload status, and location details across clusters, nodes, and namespaces to help you quickly detect and address security issues.

Accessing Workloads in Runtime Live Assessment

1. From the JFrog Platform, under Runtime, select Live Assessment.

2. Select the Workloads tab to view all detected workloads.

3. Select a workload.

4. Click on a specific process to see detailed information.

Inspecting Processes in Runtime

Before You Begin:

Process inspection is available only with Runtime Impact (Controller + Sensors).

1. From the JFrog Platform, under Runtime, select Live Assessment.

2. Select the Processes tab to view all detected processes.

3. Review the Processes Table.

4. (Optional) Apply filters to narrow down processes based on specific criteria.