From 9873b428dfc6e4ee60c69877bbc8788891164371 Mon Sep 17 00:00:00 2001
From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com>
Date: Wed, 10 Jul 2024 11:31:53 -0700
Subject: [PATCH] [CNVM] Adds notes about CNVM architecture support (#5340)
 (#5540)

* Adds notes about CNVM architecture support

* Update docs/cloud-native-security/vuln-management-faq.asciidoc

* Update docs/cloud-native-security/vuln-management-get-started.asciidoc

(cherry picked from commit d1cd713b37e9ee7ddc991893aad4f5370c311ced)

Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com>
---
 docs/cloud-native-security/vuln-management-faq.asciidoc       | 4 ++++
 .../vuln-management-get-started.asciidoc                      | 3 ++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/docs/cloud-native-security/vuln-management-faq.asciidoc b/docs/cloud-native-security/vuln-management-faq.asciidoc
index 9940cb0d11..f86902fd8b 100644
--- a/docs/cloud-native-security/vuln-management-faq.asciidoc
+++ b/docs/cloud-native-security/vuln-management-faq.asciidoc
@@ -11,6 +11,10 @@ The CNVM integration uses various security data sources. The complete list can b
 
 CNVM uses the open source scanner https://github.com/aquasecurity/trivy[Trivy] v0.35.
 
+*What system architectures are supported?*
+
+Because of Trivy's limitations, CNVM can only be deployed on ARM-based VMs. However, it can scan hosts regardless of system architecture.
+
 *How often are the security data sources synchronized?*
 
 The CNVM integration fetches the latest data sources at the beginning of every scan cycle to ensure up-to-date vulnerability information.
diff --git a/docs/cloud-native-security/vuln-management-get-started.asciidoc b/docs/cloud-native-security/vuln-management-get-started.asciidoc
index 6736d9a4bc..7369634175 100644
--- a/docs/cloud-native-security/vuln-management-get-started.asciidoc
+++ b/docs/cloud-native-security/vuln-management-get-started.asciidoc
@@ -8,7 +8,8 @@ This page explains how to set up Cloud Native Vulnerability Management (CNVM).
 --
 * CNVM is available to all {ecloud} users. On-premise deployments require an https://www.elastic.co/pricing[Enterprise subscription].
 * Requires {stack} and {agent} version 8.8 or higher.
-* CNVM only works in the `Default` {kib} space. Installing the CNVM integration on a different {kib} space will not work. 
+* Only works in the `Default` {kib} space. Installing the CNVM integration on a different {kib} space will not work. 
+* CNVM can only be deployed on ARM-based VMs.
 * To view vulnerability scan findings, you need at least `read` privileges for the following indices:
 ** `logs-cloud_security_posture.vulnerabilities-*`
 ** `logs-cloud_security_posture.vulnerabilities_latest-*`