| CPC G06F 21/554 (2013.01) [G06F 21/568 (2013.01)] | 17 Claims |

|
1. A system comprising:
a virtual computing environment platform comprising at least one first processor configured to operate a virtual machine corresponding to an activated virtual machine (VM) image;
a VM image management platform, comprising:
at least one second processor; and
memory storing computer-readable instructions that, when executed by the at least one second processor, cause the VM image management platform to:
receive, continuously at a scanning stack, a plurality of virtual machine images, wherein the scanning stack comprises a last in first out (LIFO) stack;
add, continuously, virtual images to the scanning stack;
pull, by a scanning engine, a first VM image from the scanning stack;
scan, by the scanning engine, the first VM image, wherein the first VM image is stored in an approved image data store based on an indication that the scanning engine failed to identify a threat indicator;
provision, by a provisioning engine and based on indication that no security threat was identified, the first VM image on the virtual computing environment platform;
remove, from the scanning stack and from the approved image data store, a second VM image after expiration of a scan wait time duration; and
remove, by a VM image management service based on an identified threat associated with the first VM image and when the first VM image comprises a saved VM image retrieved from the approved image data store, the first VM image from the approved image data store.
|
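The flow recited in claim 1 can be modelled in a few lines. This is an added example, not code from the patent or its assignee; the class and method names, the byte-marker "scan", and the explicit `now` timestamps are assumptions made for illustration. It shows why a LIFO scanning stack needs the scan wait time: the oldest image is never reached while newer ones keep arriving, so it is expired rather than scanned.

```python
from dataclasses import dataclass, field

@dataclass
class Image:
    name: str
    content: bytes
    saved: bool = False          # True when retrieved from the approved store
    queued_at: float = 0.0

@dataclass
class ImagePipeline:
    scan_wait: float                         # seconds an image may wait for a scan
    indicators: tuple = (b"EVIL-MARKER",)    # constructed threat indicator
    stack: list = field(default_factory=list)
    approved: dict = field(default_factory=dict)
    provisioned: list = field(default_factory=list)

    def submit(self, img, now):
        img.queued_at = now
        self.stack.append(img)               # push: newest image is scanned first

    def expire(self, now):
        """Drop images whose scan wait time has elapsed, from stack and store."""
        stale = [i for i in self.stack if now - i.queued_at > self.scan_wait]
        for img in stale:
            self.stack.remove(img)
            self.approved.pop(img.name, None)
        return [i.name for i in stale]

    def scan_next(self, now):
        """Pop the newest image, scan it, then approve and provision or purge."""
        self.expire(now)
        if not self.stack:
            return None
        img = self.stack.pop()               # LIFO pull
        if any(ind in img.content for ind in self.indicators):
            if img.saved:                    # saved copy must leave the approved store
                self.approved.pop(img.name, None)
            return (img.name, "rejected")
        self.approved[img.name] = img
        self.provisioned.append(img.name)
        return (img.name, "provisioned")

def demo():
    p = ImagePipeline(scan_wait=10)
    p.approved["old-saved"] = Image("old-saved", b"EVIL-MARKER")  # approved earlier
    p.submit(Image("stale", b"clean"), now=0)
    p.submit(Image("old-saved", b"EVIL-MARKER", saved=True), now=8)
    p.submit(Image("fresh", b"clean"), now=9)
    results = [p.scan_next(now=9), p.scan_next(now=9.5)]
    return results, p.expire(now=11), sorted(p.approved), p.provisioned
```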