Hi All Is it possible to enable the Auto Scan only on specif Rancher Users #neuvector-security

Hi All, Is it possible to enable the Auto Scan onl...

worried-ability-15054

07/23/2025, 11:14 AM

Hi All, Is it possible to enable the Auto Scan only on specific namespaces? for example: enable the auto scan on all pods/containers in prod, dev and tst namespaces, but no need to scan in cattle-* namespaces? Thanks for your help

rich-plumber-96719

07/23/2025, 6:20 PM

you don't interested in security problems in the system namespaces? brave move

👀 1

🎯 1

witty-honey-18052

07/29/2025, 1:24 AM

Are you asking about the image autoscan or the monitoring modes? If image autoscanning you could scan specific image sources, perhaps choosing not to autoscan images from the secure images registry.

witty-honey-18052

07/29/2025, 1:26 AM

If monitoring groups, you could apply empty rulesets via security as code for the system namespaces with the appropriate groups. That would effectively disable discovery for those groups.

witty-honey-18052

07/29/2025, 1:27 AM

Agreed that you shouldn't blindly trust the system namespaces, but there's a use-case for everything.

quaint-candle-18606

07/30/2025, 1:09 AM

Plus, what problem are you trying to solve?

Open in Slack

Previous Next