Abstract: A system and method for virtual machine image management. A method includes generating a plurality of software packages, wherein each software package is generated using a respective set of code; building a plurality of VM images based on a plurality of files, wherein building each VM image further comprises combining a subset of the plurality of software packages according to a corresponding file of the plurality of files, wherein each file includes a set of instructions for combining the subset of the plurality of software packages in order to build the corresponding VM image; and pushing the plurality of VM images in a repository.

Abstract: A system and method for vulnerability remediation. A method includes identifying a vulnerable software package among a plurality of software packages based on cybersecurity data indicating a vulnerability; identifying at least one vulnerable software image of a plurality of software images by determining that the at least one vulnerable software image contains the vulnerable software package based on a plurality of files, wherein each of the plurality of software images is built based on a corresponding file of the plurality of files, wherein each file of the plurality of files includes a set of instructions for combining a subset of the plurality of software packages in order to build the corresponding software image of the plurality of software images; and performing at least one remediation action with respect to the at least one vulnerable software image.

Abstract: A system and method for software image management. A method includes generating a plurality of software packages, wherein each software package is generated using a respective set of code; building a plurality of software images based on a plurality of files, wherein building each software image further comprises combining a subset of the plurality of software packages according to a corresponding file of the plurality of files, wherein each file includes a set of instructions for combining the subset of the plurality of software packages in order to build the corresponding software image; and storing the plurality of software images in a repository.

Abstract: A system and method for securing software images. A method includes generating software packages. Each software package is generated using a respective set of code. A first software package of the software packages includes code that configures a system to secure a computing environment based on a secret when executed. A software image is built based on a file, where the file includes a set of instructions for combining a subset of the software packages including the first software package and instructions for embedding the secret in order to build the software image. Building the software image further includes combining the subset of software packages according to the file and embedding the secret in the software image; and providing the software image for execution. The software image is executed by the system and, when executed, configures the system to deploy the software component based on the subset of software packages.

Abstract: A system and method for software image management. A method includes generating a plurality of software packages including a plurality of units of code, wherein each software package is generated using a respective unit of code of the plurality of units of code, wherein the plurality of software packages includes a security package, wherein the respective unit of code for the security package configures a processing circuitry to perform at least one cybersecurity function when executed by the processing circuitry; and building a software image based on the plurality of software packages by executing a set of instructions of a file, wherein the set of instructions causes the plurality of software packages to be combined in order to build the software image when executed.

Abstract: A system and method for vulnerability remediation. A method includes identifying a vulnerable software package among a plurality of software packages based on cybersecurity data indicating a vulnerability; identifying at least one vulnerable software image of a plurality of software images by determining that the at least one vulnerable software image contains the vulnerable software package based on a plurality of files, wherein each of the plurality of software images is built based on a corresponding file of the plurality of files, wherein each file of the plurality of files includes a set of instructions for combining a subset of the plurality of software packages in order to build the corresponding software image of the plurality of software images; and performing at least one remediation action with respect to the at least one vulnerable software image.

Abstract: The arterial blood module including an arterial blood collection element defining a collection chamber, and an arterial blood module removably connectable to a portion of the arterial blood collection element. The arterial blood module includes a hub body, a needle extending from the hub body, and a safety shield engaged with a portion of the hub body and transitionable from a first shield position in which a portion of the needle is exposed to a second shield position in which the needle is shielded by a portion of the safety shield. The arterial blood module also includes a venting chamber, wherein the venting is in fluid communication with the hub body to vent air bubbles from a collected blood sample within the collection chamber of the arterial blood collection element.

Abstract: A system and method for building software image. A method includes generating a prompt based on an input portion of application-identifying data; prompting a generative artificial intelligence model using the prompt in order to output text indicating a plurality of software packages, wherein each software package is a set of code for performing a plurality of functions of an application; generating a software image recipe based on the output text, wherein the software image recipe is a file including a set of instructions that cause a processing circuitry to build the software image by combining the plurality of software packages when executed; and building the software image by executing the software image recipe via the processing circuitry, wherein the software image causes deployment of a software component when executed, wherein the software component is configured to perform the plurality of functions of the application.

Abstract: A system and method for software image management. A method includes generating a plurality of software packages, wherein each software package is generated using a respective set of code; building a plurality of software images based on a plurality of files, wherein building each software image further comprises combining a subset of the plurality of software packages according to a corresponding file of the plurality of files, wherein each file includes a set of instructions for combining the subset of the plurality of software packages in order to build the corresponding software image; and storing the plurality of software images in a repository.

Abstract: A method and system for cyber-security processes mining are provided. The method comprises correlating events received from a plurality of data sources into a plurality of flows, wherein a flow of the plurality of flows is a sequence of events having a same identifier, and wherein at least one of the plurality of data sources is a cyber-security system; correlating the plurality of flows into a plurality of variants, wherein a variant out of the plurality of variants includes one or more flows having the same repeatable pattern; associating the plurality of variants with at least one cyber-security process based on a predefined template defining the cyber-security process; and causing a display of the least one cyber-security process and its plurality of variants.

Abstract: A method and system for cyber-security processes mining are provided. The method comprises correlating events received from a plurality of data sources into a plurality of flows, wherein a flow of the plurality of flows is a sequence of events having a same identifier, and wherein at least one of the plurality of data sources is a cyber-security system; correlating the plurality of flows into a plurality of variants, wherein a variant out of the plurality of variants includes one or more flows having the same repeatable pattern; associating the plurality of variants with at least one cyber-security process based on a predefined template defining the cyber-security process; and causing a display of the least one cyber-security process and its plurality of variants.

Abstract: A system and method for detecting vulnerabilities in software containers at runtime are provided. The method includes monitoring events triggered as a result of changes to an application layer of a software container; based on the monitored events, determining if at least one file has been changed; upon determination that at least one file has been changed, scanning the at least one file to detect at least one type of vulnerability; and upon determination of at least one type of known vulnerability, generating a detection event.

Abstract: A system and method for detecting vulnerabilities in be images of software containers are disclosed. The method includes receiving an event indicating that at least one base image should be scanned for vulnerabilities, each base image including at least one image layer, wherein the event designates at least one source of the at least one base image, wherein the least one base image includes resources utilized to execute at least a software container; extracting contents of each image layer of each base image; scanning the extracting contents to detect at least one vulnerability; and generating a detection event, when the at least one vulnerability is detected.

Abstract: A system and method for detecting vulnerabilities in software containers at runtime are provided. This method includes intercepting a request to instantiate a new software container in a first execution environment; creating a second execution environment; migrating the new software container from the first execution environment to the second execution environment for execution therein; monitoring the operation of the new software container in the second execution environment to detect at least one unauthorized action; and upon detection of the at least one unauthorized action, generating a detection event identifying at least a type of vulnerability associated with the detected unauthorized action.

Abstract: A system and method for dynamically adapting traffic inspection and filtering in containerized environments. The method includes monitoring the containerized environment to identify deployment of a software container in the containerized environment; inspecting traffic redirected from the software container, wherein the inspecting includes detecting malicious activity of the software container; and filtering the traffic based on at least one filtering rule when the malicious activity is detected, wherein the at least one filtering rule is defined in a filtering profile for the software container, wherein the filtering profile is determined for the software container when a new container image of the software container is detected in the containerized environment.

Abstract: A system and method for detecting vulnerabilities in be images of software containers are disclosed. The method includes receiving an event indicating that at least one base image should be scanned for vulnerabilities, each base image including at least one image layer, wherein the event designates at least one source of the at least one base image, wherein the least one base image includes resources utilized to execute at least a software container; extracting contents of each image layer of each base image; scanning the extracting contents to detect at least one vulnerability; and generating a detection event, when the at least one vulnerability is detected.

Abstract: A system and method for detecting vulnerabilities in base images of software containers are disclosed. The method includes receiving an event indicating that at least one base image should be scanned for vulnerabilities, each base image including at least one image layer, wherein the event designates at least one source of the at least one base image, wherein the least one base image includes resources utilized to execute at least a software container; extracting contents of each image layer of each base image; scanning the extracting contents to detect at least one vulnerability; and generating a detection event, when the at least one vulnerability is detected.

Abstract: A system and method for dynamically adapting traffic inspection and filtering in containerized environments. The method includes monitoring the containerized environment to identify deployment of a software container in the containerized environment; inspecting traffic redirected from the software container, wherein the inspecting includes detecting malicious activity of the software container; and filtering the traffic based on at least one filtering rule when the malicious activity is detected, wherein the at least one filtering rule is defined in a filtering profile for the software container, wherein the filtering profile is determined for the software container when a new container image of the software container is detected in the containerized environment.

Abstract: A system and method for detecting vulnerabilities in base images of software containers are disclosed. The method includes receiving an event indicating that at least one base image should be scanned for vulnerabilities, each base image including at least one image layer, wherein the event designates at least one source of the at least one base image, wherein the least one base image includes resources utilized to execute at least a software container; extracting contents of each image layer of each base image; scanning the extracting contents to detect at least one vulnerability; and generating a detection event, when the at least one vulnerability is detected.

Abstract: A system and method for detecting vulnerabilities in software containers at runtime are provided. The method includes monitoring events triggered as a result of changes to an application layer of a software container; based on the monitored events, determining if at least one file has been changed; upon determination that at least one file has been changed, scanning the at least one file to detect at least one type of vulnerability; and upon determination of at least one type of known vulnerability, generating a detection event.