Kvisor and security

Does running the CAST AI Kvisor for security reporting interfere with running other security tools against the cluster?

No, Kvisor runs in a read-only mode and will not interfere with any other security tools.


What is the purpose of retaining data for 10 years?

10 years is a blanket statement for auditors (SOC2/ISO27001) to keep internal documents, communication, etc. CAST AI does not commit to how long it will keep customer data. Snapshots are discarded after three months, but reports, audit logs, machine learning artifacts, etc., are kept indefinitely.


What image scanner does CAST AI use internally for image vulnerabilities?

CAST AI has its own image scanner built into the Kvisor component. It checks against the CIS Kubernetes security benchmark, as well as NSA, OWASP, and PCI recommendations.