Host Vulnerability Check
Host vulnerability security checks primarily involve checking vulnerabilities in software packages installed via package management tools on the host system. This includes most of the native tools, components, and the kernel in the system, all of which can be checked for security using this feature.
Detection Principle
This method involves reading the software package management database to retrieve the current system’s installed software information. This data is uploaded to the cloud and matched against a self-built vulnerability database for analysis. The resulting vulnerability information will be displayed on the frontend interface.
Detection Cycle
- The Agent plugin initiates a scan immediately upon startup.
- By default, it scans every 12 hours.
- After clearing a risk, it will be rechecked within 12 hours. If the risk has been fixed, the alert will be automatically deleted.
Detection Items
| Category | Detection Item | Description | Corresponding Version |
|---|---|---|---|
| rpm | Redhat | Supports checking Linux software vulnerabilities, including vulnerabilities in Redhat-based systems. | V3.0 |
| rpm | CentOS | Supports checking Linux software vulnerabilities, including vulnerabilities in CentOS-based systems. | V3.0 |
| rpm | Rocky | Supports checking Linux software vulnerabilities, including vulnerabilities in Rocky-based systems. | V3.0 |
| deb | Ubuntu | Supports checking Linux software vulnerabilities, including vulnerabilities in Ubuntu-based systems. | V3.0 |
| deb | Debian | Supports checking Linux software vulnerabilities, including vulnerabilities in Debian-based systems. | V3.0 |