kubescape – Kubernetes Security tool1 min read

Recently CISA and NSA have released guidance on security measures that need to be followed using Kubernetes. As per NSA and CISA hackers are targeting Kubernetes for 3 things,

• Data Theft
• Computational theft
• Denial of Service.

Based on the report by NSA and CISA Armosec has developed a tool that audits your Kubernetes cluster and checks whether we have followed the guidance provided by NSA and CISA, finally provide a detailed report.

This is a free tool developed by Armosec and can be used in any environment to identify misconfiguration.

Let’s jump to see how to use the tool,

Install Kubescape to the Linux system where it has the access to the kubernetes cluster.

curl -s https://raw.githubusercontent.com/armosec/kubescape/master/install.sh | /bin/bash

Once you did the installation you will be able to see the below output to proceed with the scan.

Now Execute the below command to start the scan.

kubescape scan framework nsa --exclude-namespaces kube-system,kube-public

use the –exclude-namespaces for excluding any namespace from the scan.

Once the tool finishes the scan you will be able to see the result as shown below.

Now its the time for you to go through the report and fix the issues published by the tool.

• He is Technical professional. He is a person who loves to share tricks and tips on the Internet. He Posts what he does!

Prabhin Prabharkaran Administrator

DevOps Engineer

He is a Technical professional. He is a person who loves to share tricks and tips on the Internet. He Posts what he does!

web

https://www.techrunnr.com

email

prabhin@techrunnr.com

call

8129739773

follow me

#1

#2

#3

Questions Answered

Articles Written

Overall Points