Introducing VMClarity, an open-source tool for agentless detection of SBOMs!

Virtual machines (VMs) are the most used service on AWS, Azure, and GCP and the predominant method for hosting containers. Despite this extensive use, VMs are vulnerable to multiple threats including leaked secrets and passwords, malware, system misconfiguration, and rootkit software used by cybercriminals to gain control over a target computer or network. 

There are good open-source and commercial-based solutions for providing threat detection for virtual machines, but challenges come with assembling these yourself:

• Cloud and container environments are complex with installation, configuration, and reporting.
• Integrating with existing deployment automation is always a consideration with any addition to a cloud native environment. 
• Siloed reporting and visualization and a lack of a single view into your configuration. 
• No single solution that integrates container and VM security across multi-cloud, on-premises, and hybrid deployment scenarios.  

Protecting your virtual machines in a multi-cloud cloud native environment with VMClarity 

VMClarity is an open-source tool for agentless detection and management of Software Bill of Materials (SBOMs) on Virtual Machines (VMs). Because it is agentless, cloud native security and observability on VMs is enhanced without writing or modifying any code. 

VMClarity works in multi-cloud environments to provide the following: 

• Software Bill of Materials (SBOM) analysis  
• Package & OS vulnerability detection  
• Exploit detection  
• Leaked secret detection  
• Malware detection  
• Misconfiguration detection  
• Rootkit detection 

Are you ready to protect your SBOMs, your VMs, and your entire cloud native environment? Get started! 

Visit the open source project on GitHub. You can learn more about the project, start using, and contribute.  

Read the blog introducing VMClarity and watch the videos of VMClarity in action. 

Kim McMahon is a head of community and open source marketing at Outshift, formerly Cisco’s Emerging Technology & Incubation organization. You can follow her on Twitter @kamcmahon.