Learn how to enable Agentless Vulnerability & Threat Detection in your Alibaba Cloud account and understand provider-specific feature requirements and limitations.
 |
ImportantThis is a "Pre-release" feature and is not considered an official release. Please
review the
Pre-release disclaimer
before using the feature.
|
To start scanning for vulnerabilities and malware in your cloud resources, connect
your Alibaba Cloud account to Trend Vision One in Cloud Accounts using the Terraform template. Enable Agentless Vulnerability & Threat Detection in
Features and Permissions.
Agentless Vulnerability & Threat Detection scans the following Alibaba Cloudresource
types:
-
Block storage disks attached to Elastic Compute Service (ECS) instances
-
Container Registry container images
|
Important
|
Agentless Vulnerability & Threat Detection works in Alibaba Cloud by taking snapshots of block storage disks and collecting
Container Registry images. The collected resources are then scanned for vulnerabilities
and malware.
|
ImportantAgentless Vulnerability & Threat Detection takes snapshots of your Alibaba Cloud block storage disks prior to scanning and tags
the snapshots with the tag
trend-micro-product:avtd. Use the tag to identify snapshots waiting to be scanned and to exclude the snapshots
from any automated deletion processes you have configured. Snapshots are automatically
deleted from your Alibaba Cloud account after the scan completes. |
 |
NoteIf you remove the Agentless Vulnerability & Threat Detection stack from an account, Agentless Vulnerability & Threat Detection automatically deletes all deployed resources. If a scan is in progress during removal,
the Agentless Vulnerability & Threat Detection scanner instance, disks, or snapshots may not be deleted. If the resources are not
automatically deleted, you must delete them manually.
|
Scan results are sent to Trend Vision One and can be seen in Cloud Risk Management, Cyber Risk Overview, Threat and Exposure Management, and asset profile screens in Attack Surface
Discovery. After you patch vulnerabilities or remediate malware in block storage disks, the
detections no longer appear after the next daily scan. Vulnerability detections in
container images remain visible in for seven days after mitigation. Malware detections in images remain visible in for seven days after remediation.
The following table lists scanning limitations that apply to each supported Alibaba
Cloud resource type.
Alibaba Cloud resource scanning limitations
|
Alibaba Cloud resource
|
Limitations
|
|
Block storage disks
|
|
|
Container Registry container images
|
|
For a list of operating systems supported by Agentless Vulnerability & Threat Detection see Agentless Vulnerability & Threat Detection supported operating systems and language
packages.
The following Alibaba Cloud regions are supported for Agentless Vulnerability & Threat Detection deployment.
Supported Alibaba Cloud deployment regions
|
Region code
|
Region name
|
|
cn-beijing
|
China (Beijing)
|
|
cn-hangzhou
|
China (Hangzhou)
|
|
cn-shanghai
|
China (Shanghai)
|
|
cn-wulanchabu
|
China (Ulanqab)
|
|
cn-shenzhen
|
China (Shenzhen)
|
|
cn-chengdu
|
China (Chengdu)
|
|
cn-hongkong
|
China (Hong Kong)
|
|
ap-southeast-1
|
Singapore
|
|
ap-southeast-3
|
Malaysia (Kuala Lumpur)
|
|
ap-southeast-5
|
Indonesia (Jakarta)
|
|
ap-southeast-7
|
Thailand (Bangkok)
|
|
eu-central-1
|
Germany (Frankfurt)
|
|
eu-west-1
|
UK (London)
|
|
us-west-1
|
US (Silicon Valley)
|
|
us-east-1
|
US (Virginia)
|