Kubescape

Kubescape is a security tool designed for Kubernetes environments. It is used to assess the security posture of your Kubernetes clusters by identifying potential vulnerabilities and misconfigurations. It scans the cluster configuration and resources, looking for security issues, vulnerabilities, and best practice violations.

Usage of Kubescape in Delivery Shield

  • Kubescape scans your Kubernetes cluster to detect issues based on the following security frameworks:

    • CIS Benchmark for Kubernetes

    • MITRE ATT&CK

    • NSA CISA

  • Delivery Shield uses Kubescape to perform security analysis on your Kubernetes cluster. It runs security scans on clusters before deployment and block the deployments in insecure clusters.

  • The scanned results help in calculating the overall image and application risk. These results are available in the Deploy section of the DBOM page as well as in the View Open Security Issues page.

To Integrate Kubescape

You can integrate Kubescape in your cluster as well. Follow the steps given below:

  1. Create a Kubescape secret in the SSD namespace and store the target cluster's kubeconfig file in it using the following command. 

kubectl create secret generic <Secret name> --from-file=<Path to Kubeconfig> -n <SSD Namespace>

You can use the same secret created while installing the kube-detector service.

  1. Open the downloaded remote file, and update the following fields.

  • secretName - The name of the secret created in the previous step.

  • key - The key in the secret that points to the kubeconfig data.

  • path - The value in the secret that points to the kubeconfig.

  1. Now apply the updated kubescape file in the SSD namespace by executing the command given below:

kubectl apply -f <Path to file> -n <namespace>

  1. The kubescape is integrated in SSD.

You should see the kubescape pod is up and running into your SSD ns: kubescape-service-qluat-d77dfd45f-vkq2l 1/1 Running 0 4h28m

PreviousVirusTotalNextSnyk

Last updated