From 3f26741307e19dcd9b4dbc720fb3c65b907f2548 Mon Sep 17 00:00:00 2001 From: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com> Date: Tue, 9 Jul 2024 15:40:18 -0400 Subject: [PATCH] [CNVM] Adds notes about CNVM architecture support (#5340) * Adds notes about CNVM architecture support * Update docs/cloud-native-security/vuln-management-faq.asciidoc * Update docs/cloud-native-security/vuln-management-get-started.asciidoc (cherry picked from commit d1cd713b37e9ee7ddc991893aad4f5370c311ced) # Conflicts: # docs/cloud-native-security/vuln-management-get-started.asciidoc --- docs/cloud-native-security/vuln-management-faq.asciidoc | 4 ++++ .../vuln-management-get-started.asciidoc | 5 +++++ 2 files changed, 9 insertions(+) diff --git a/docs/cloud-native-security/vuln-management-faq.asciidoc b/docs/cloud-native-security/vuln-management-faq.asciidoc index 6f72ce1af8..864257f7a7 100644 --- a/docs/cloud-native-security/vuln-management-faq.asciidoc +++ b/docs/cloud-native-security/vuln-management-faq.asciidoc @@ -11,6 +11,10 @@ The CNVM integration uses various security data sources. The complete list can b CNVM uses the open source scanner https://github.com/aquasecurity/trivy[Trivy] v0.35. +*What system architectures are supported?* + +Because of Trivy's limitations, CNVM can only be deployed on ARM-based VMs. However, it can scan hosts regardless of system architecture. + *How often are the security data sources synchronized?* The CNVM integration fetches the latest data sources at the beginning of every scan cycle to ensure up-to-date vulnerability information. diff --git a/docs/cloud-native-security/vuln-management-get-started.asciidoc b/docs/cloud-native-security/vuln-management-get-started.asciidoc index b65b378158..c0c357bac6 100644 --- a/docs/cloud-native-security/vuln-management-get-started.asciidoc +++ b/docs/cloud-native-security/vuln-management-get-started.asciidoc @@ -8,6 +8,11 @@ This page explains how to set up Cloud Native Vulnerability Management (CNVM). -- * CNVM is available to all {ecloud} users. On-premise deployments require an https://www.elastic.co/pricing[Enterprise subscription]. * Requires {stack} and {agent} version 8.8 or higher. +<<<<<<< HEAD +======= +* Only works in the `Default` {kib} space. Installing the CNVM integration on a different {kib} space will not work. +* CNVM can only be deployed on ARM-based VMs. +>>>>>>> d1cd713b ([CNVM] Adds notes about CNVM architecture support (#5340)) * To view vulnerability scan findings, you need at least `read` privileges for the following indices: ** `logs-cloud_security_posture.vulnerabilities-*` ** `logs-cloud_security_posture.vulnerabilities_latest-*`