[QUESTION] Managing Vulnerabilities in third party apps

[smartaquarius10]

What is your question?

When creating EKS or AKS clusters, we often include various platform managing applications such as ArgoCD, secret operators, or ingress controllers like NGINX/Kong, which are usually installed via ready-made Helm charts.

While it's possible to integrate Copacetic into the CI/CD pipeline to scan and remove vulnerabilities for custom-built applications, we are seeking guidance on how to handle vulnerabilities in these pre-built images that come with readily available Helm charts.

Are there any recommended practices or workflows for incorporating vulnerability management into the deployment of these platform apps?

Any suggestions or insights on this would be appreciated.