Security is a read layer over Trivy Operator. You install and configure the operator like any other add-on; Ankra surfaces, ranks, and explains what it finds.
Prerequisites
Trivy Operator must be running in the cluster. If it is not installed, the Security view links you to Settings → Integrations → Trivy Operator, which offers to add thetrivy-operator add-on as a stack.
Add the Trivy Operator add-on
From Settings → Integrations → Trivy Operator, or the Stack Builder, add the
trivy-operator Helm add-on and deploy it. It scans workloads and writes VulnerabilityReport and ClusterVulnerabilityReport resources.Wait for the first reports
The operator scans images shortly after install. Until reports exist, the integration shows
installed_no_reports.Connection states
The integration reports one of four states, shown on both the Security view and Settings → Integrations:| State | Meaning |
|---|---|
not_installed | The Trivy Operator CRDs are not present - install the add-on |
installed_no_reports | The operator is installed but has not produced reports yet |
connected | Live reports are being read from the cluster |
degraded | The live read failed; the last cached reports are shown until it recovers |
The remediation console
The Security view is built for triage, not just a list of CVEs:- Severity and exposure breakdown. Critical / high / medium / low totals, the split between namespaced and cluster-scoped findings, and the operating-system / ecosystem distribution of vulnerable packages.
- Priority queue. Deduplicated critical and high CVEs ranked by blast radius - how many workloads and images a single fix clears - so you work the highest-leverage items first.
- Remediation campaigns. Findings grouped into fix actions by package or base image, so one upgrade closes many reports at once.
- Phased burn-down plan. A suggested order of work that steadily drives the critical/high count down.
- Workload explorer. Per-workload and per-image detail drawers listing the specific vulnerabilities, fixed-in versions, and affected pods.
Ask Ankra AI
The AI assistant can read the same reports. From a cluster’s chat, ask for a security summary and it calls theget_security_reports tool:
Related
Add-ons
Install Trivy Operator and other add-ons.
Log Sources
Connect logs and other cluster data sources.
AI Assistant
Triage vulnerabilities in chat.
AI Insights
Proactive cluster health analysis.