Security News > 2021 > August > Kubescape helps admins manage Kubernetes securely

Kubescape is an open-source tool for testing if Kubernetes is deployed securely, as defined in the recently released Kubernetes Hardening Guidance by NSA and CISA. About Kubernetes.

"Kubernetes is commonly targeted for three reasons: data theft, computational power theft, or denial of service. Data theft is traditionally the primary motivation; however, cyber actors may attempt to use Kubernetes to harness a network's underlying infrastructure for computational power for purposes such as cryptocurrency mining," the NSA noted when it released the aforementioned guide.

The tool retrieves the Kubernetes objects from the API server and scans them by running a set of Rego snippets developed by Israeli company ARMO. Kubescape is easy to use and the results can be delivered in print or can be retrieved in JSON format.

Jonathan Kaftza, VP Marketing & Business Development, ARMO, says their hope is to see Kubescape become a well-known and widely used tool by the DevOps and Kubernetes community.

"Our vision is to help the community with a simple but useful tool for scanning Kubernetes clusters to find security issues. We want to add more features like finding weak secrets and scanning containers for problems in the future," he said.

"We welcome the community feedback and ideas for improvement. We're also aiming to collaborate with the Kubernetes community to help make the tests themselves more robust and complete as Kubernetes develops."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/WjFIFmrPH7w/