This webinar discusses Kubescape, an open-source Kubernetes security tool that provides a single pane of glass for monitoring and securing Kubernetes clusters. It can check for misconfigurations, vulnerabilities, RBAC issues, secrets, and network policies. The webinar demonstrates how to run Kubescape with read-only access in 3 minutes to scan a cluster. It also outlines Kubescape's capabilities for compliance monitoring, risk analysis, image scanning, and RBAC visualization. Future roadmap items include admission control, audit logging, vulnerability relevancy, and a dashboard.
Overview of Kubernetes Security focus with Kubescape; speaker introduction and agenda highlights.
In-depth look at Kubescape's role in K8s security; features like continuous monitoring and vulnerabilities assessments. Best practices for enforcing security in Kubernetes from CI/CD to production; includes vulnerability scanning and compliance.
Contact information for the speaker and concluding thank you for audience participation.
On-Demand Webinar:
Kubernetes Security
SinglePane of Glass
Using Kubescape to overcome the
increasing complexity of K8s
security across misconfigurations,
vulnerabilities, RBAC, secrets,
network policies and more..
Star Us:
https://github.com/armosec/kubescape
Join our Discord:
https://discord.gg/aEdBsgWQtc
Visit Us:
https://www.armosec.io/
2.
# Shauli Rozen
#CEO & Co-Founder, ARMO
# SW Developer turned entrepreneur
My life is like:
>> 5 am – Go Surfing
>> 8 am - Build Kubernetes Security products
>> 9 pm – Put three boys to sleep
>> Repeat
Who am I?
3.
Agenda
>> What isKubescape?
>> Creating a Single Pane of Glass for K8s Security
>> Deep Dive into Kubescape Capabilities and Usage
>> Overview of What is Coming Next
>> Done!
4.
Armo’s Kubescape IsOne of The Most Popular
K8s Security Open-Source tools on Github
Check Early inCI/CD and
Continuously in Production
Run as CLI within
DevTools, CI Pipelines
Run in Cluster as CronJob
for Continuous Monitoring
7.
Agenda
>> What isKubescape?
>> Creating a Single Pane of Glass for K8s Security
>> Deep Dive into Kubescape Capabilities and Usage
>> Overview of What is Coming Next
>> Done!
8.
Building Kubernetes Security
SinglePane of Glass
Define and Enforce Best Practices
Identify and Prevent Drifts
NSA, MITRE, K8s Best
Practices, or create
your own custom one
Continuously, from CI/CD
to Production
Continuous Env Tightening and
attack surface reduction
Quick remediation, automatic
recommendations,
contextual insights
Kubernetes
Configuration
Workload
Configuration
User Activity
Monitor and
Control
Vulnerability
Assessment
Compliance
Benchmarks
RBAC
Control
Single Pane
of Glass
Agenda
>> What isKubescape?
>> Creating a Single Pane of Glass for K8s Security
>> Deep Dive into Kubescape Capabilities and Usage
>> Overview of What is Coming Next
>> Done!
11.
Let's See ItIn Action, 3 Min or less to get your first scan
going, no in-cluster installation, read only privileges
Less than 3 Min to get
your first scan
API Based with read-
only Privileges
Get Started: https://github.com/armosec/kubescape
12.
Agenda
>> What isKubescape?
>> Creating a Single Pane of Glass for K8s Security
>> Deep Dive into Kubescape Capabilities and Usage
>> Overview of What is Coming Next
>> Done!
13.
Dev To Production
KubernetesPlatform
Configuration
Deployment
Production
#01
#02
#03
Open Source .
Free Forever
Tiered Offering.
Free Tier
Tiered Offering.
Free Tier
On demand checks
CI/CD embedding
Yamls & cluster
(from outside)
Frameworks
In cluster install
Always on watching
Vulnerability scanning
Admission control
Audit log analysis
Live alerts
Least privilege monitoring
Native policy enforcement
Runtime
Zero-Trust
Deep observability
Vulnerability relevancy
Memory protection
Secret protection
Zero Trust network protection
Identity based data
protection
Service Mesh interoperability
Live feedback
Live feedback
Check early
in the CI/CD
Continues
Posture control
Checkout our Roadmap on GitHub:
https://github.com/armosec/kubescape
/blob/master/docs/roadmap.md
Agenda
>> What isKubescape?
>> Creating a Single Pane of Glass for K8s Security
>> Deep Dive into Kubescape Capabilities and Usage
>> Overview of What is Coming Next
>> Done!