Andre CV

Posted on • Originally published at linkedin.com

Prisma Cloud - Agentless Scanning - AWS: Hidden Cost?

Agentless scanning provides visibility into vulnerabilities and compliance risks in cloud workloads by scanning snapshot root volumes. The agentless scanning architecture allows you to inspect a host and the container images on that host without having to install an agent or affect your workload execution.

Prisma Cloud supports agentless scanning of cloud workloads on AWS, Azure, GCP, and OCI for vulnerabilities and compliance.
On AWS, Azure, and GCP you can also use agentless scanning for container images, as well as serverless functions.
To set up agentless scanning for your cloud accounts, you must onboard the accounts to Prisma Cloud.

Once you onboard your cloud account with agentless scanning enabled, that account is continuously scanned regardless of how many workloads are in that account. Whether you add or remove hosts and containers, agentless scanning keeps your workload security issues visible.

When you add an organization to Prisma Cloud and enable agentless scanning across the organization, agentless scanning automatically scans the accounts added to the organization.

To achieve that goal, you grant the necessary permissions during onboarding and Prisma Cloud scans the account regularly. By default, agentless scans are performed periodically every 24 hours and this interval is configurable.

So if Prisma Cloud needs an instance every 24 hours to perform agentless scanning, the time that instance runs is a cost that must be taken into account for the cloud project where you are working with the tool.
For example:

Keep in mind that it would be a Spot Instance.

We must also calculate the costs associated with that Spot Instance and with the outgoing traffic to Prisma Cloud for the data obtained from each evaluated snapshot.
Taking into account only the standard cost of the instance type in the previous image, we would have a cost of 9 dollars, as long as the scanner instance takes that time to analyze.

The time the scan takes depends on several factors:

Number of hosts
Host disk sizes
Used space on host disks
Number of files on the host disks

Finally, for a project it is important to be clear about the costs associated not only with its entire infrastructure but also with the security tools that are deployed and indirectly affect its forecast.
