SlideShare a Scribd company logo

Is your kubernetes negative or positive

L
LibbySchulze

This document summarizes an on-demand webinar about Kubescape, an open-source tool for testing Kubernetes security and compliance. It discusses how Kubescape allows scanning a Kubernetes cluster or configuration files against multiple frameworks with a single click. The webinar demonstrates running an initial scan in under 3 minutes, analyzing results, and integrating Kubescape into CI/CD pipelines and clusters. It also introduces the ARMO platform for securing the full Kubernetes development lifecycle.

Related slideshows

Kubescape single pane of glass
Kubescape single pane of glassKubescape single pane of glass
Kubescape single pane of glass
 
Building a Secure Supply Chain with Docker
Building a Secure Supply Chain with DockerBuilding a Secure Supply Chain with Docker
Building a Secure Supply Chain with Docker
 
Flux is incubating + the road ahead
Flux is incubating + the road aheadFlux is incubating + the road ahead
Flux is incubating + the road ahead
 
1 of 21
Download to read offline
On-Demand Webinar: Is Your Kubernetes Positive or Negative? Kubescape is the first open- source tool for testing if Kubernetes is deployed securely and in compliance against multiple frameworks in one single click. Star Us: https://github.com/armosec/kubescape Join our Discord: https://discord.gg/aEdBsgWQtc Visit Us: https://www.armosec.io/armo-kubescape
# Shauli Rozen # CEO & Co-Founder, ARMO # SW Developer turned entrepreneur My life is like: >> 5 am – Go Surfing >> 8 am - Build Kubernetes Security products >> 9 pm – Put three boys to sleep >> Repeat Who am I?
Agenda >> Why do I care? and how can you help me? >> Running your first scan in less than 3 minutes >> Analyzing results and setting your own framework >> Adding Kubescape to your CI/CD and Clusters >> Done! Now what?
Agenda >> Why do I care? and how can you help me? >> Running your first scan in less than 3 minutes >> Analyzing results and setting your own framework >> Adding Kubescape to your CI/CD and Clusters >> Done! Now what?
Houston, We Have a {Configuration} Problem Through 2025, more than 99% of cloud breaches will have a root cause of customer misconfigurations or mistakes
Millions of Potential Configuration Issues, Where do I Start? Best Practices Frameworks to the rescue
The First Open-Source Tool to Scan Kubernetes According to Multiple Frameworks Multiple Frameworks Code & Clusters NSA, MITRE, K8s Best Practices, or create your own custom one Scan running cluster or YAMLs and HELM in your IAC Run within your CI/CD Simple integration to your favorite pipeline tools
Armo’s Kubescape Is Becoming The Most Popular K8s Security Open-Source tool on Github Fastest growing Kubernetes Security GitHub Project Top GitHub trending list Developers and DevOps from over 40 Fortune 500 companies 4K 3K 2K 1K 0K 2017 2018 2019 2021 2020 Github stars armosec/kubesape aqyasecurity/kube-bench alcideio/skan Stackrox/kube-linter snyk/snyk pixie-labs/pixie bridgercewio/checkov falcosecurity/falco
Join Thousands of Kubescape Users
Agenda >> Why do I care? and how can you help me? >> Running your first scan in less than 3 minutes >> Analyzing results and setting your own framework >> Adding Kubescape to your CI/CD and Clusters >> Done! Now what?
Let's See It In Action, 3 Min or less to get your first scan going, no in-cluster installation, read only privileges Less than 3 Min to get your first scan API Based with read- only Privileges Get Started: https://github.com/armosec/kubescape
Agenda >> Why do I care? and how can you help me? >> Running your first scan in less than 3 minutes >> Analyzing results and setting your own framework >> Adding Kubescape to your CI/CD and Clusters >> Done! Now what?
Analyzing the results, Finding remediations, setting up exceptions, and using custom frameworks Kubescape Documentation: https://hub.armo.cloud/ Understand risk over time, and identify drifts Set exceptions and find remediations Build your own framework Coming next: Analyze RBAC and excessive privileges Scan container images and put vulnerabilities into context
Agenda >> Why do I care? and how can you help me? >> Running your first scan in less than 3 minutes >> Analyzing results and setting your own framework >> Adding Kubescape to your CI/CD and Clusters >> Done! Now what?
Check Early in CI/CD and Continuously in Production Run as CLI within DevTools, CI Pipelines Run in Cluster as CronJob for Continuous Monitoring
Agenda >> Why do I care? and how can you help me? >> Running your first scan in less than 3 minutes >> Analyzing results and setting your own framework >> Adding Kubescape to your CI/CD and Clusters >> Done! Now what?
Go Past Configurations with ARMO’s Dev To Production Kubernetes Platform Through 2025, more than 99% of cloud breaches will have a root cause of customer misconfigurations or mistakes
Go Past Configurations with ARMO’s Dev To Production Kubernetes Platform #01 #02 #03 Configuration Deployment Production Open Source . Free Forever Tiered Offering. Free Tier Tiered Offering. Free Tier
ARMO’s Dev To Production Kubernetes Platform Configuration Deployment Production #01 #02 #03 Open Source . Free Forever Tiered Offering. Free Tier Tiered Offering. Free Tier On demand checks CI/CD embedding Yamls & cluster (from outside) Frameworks In cluster install Always on watching Vulnerability scanning Admission control Audit log analysis Live alerts Least privilege monitoring Native policy enforcement Runtime Zero-Trust Deep observability Vulnerability relevancy Memory protection Secret protection Zero Trust network protection Identity based data protection Service Mesh interoperability Live feedback Live feedback Check early in the CI/CD Continues Posture control
The ARMO True Zero-Trust Model With one YAML, on any cluster Protect customer solutions even if infrastructure is compromised Memory Protection & Exploit Prevention Automated Zero- Trust Network Policy ONLY PROTECTED AND AUTHORIZED MICROSERVICES CAN: Run Communicate Access Data Transparent Data Encryption Memory Protection & Exploit Prevention ONLY PROTECTED AND AUTHORIZED MICROSERVICES CAN: Run Communicate Access Data
/> Thank You

More Related Content

Is your kubernetes negative or positive

  • 1. On-Demand Webinar: Is Your Kubernetes Positive or Negative? Kubescape is the first open- source tool for testing if Kubernetes is deployed securely and in compliance against multiple frameworks in one single click. Star Us: https://github.com/armosec/kubescape Join our Discord: https://discord.gg/aEdBsgWQtc Visit Us: https://www.armosec.io/armo-kubescape
  • 2. # Shauli Rozen # CEO & Co-Founder, ARMO # SW Developer turned entrepreneur My life is like: >> 5 am – Go Surfing >> 8 am - Build Kubernetes Security products >> 9 pm – Put three boys to sleep >> Repeat Who am I?
  • 3. Agenda >> Why do I care? and how can you help me? >> Running your first scan in less than 3 minutes >> Analyzing results and setting your own framework >> Adding Kubescape to your CI/CD and Clusters >> Done! Now what?
  • 4. Agenda >> Why do I care? and how can you help me? >> Running your first scan in less than 3 minutes >> Analyzing results and setting your own framework >> Adding Kubescape to your CI/CD and Clusters >> Done! Now what?
  • 5. Houston, We Have a {Configuration} Problem Through 2025, more than 99% of cloud breaches will have a root cause of customer misconfigurations or mistakes
  • 6. Millions of Potential Configuration Issues, Where do I Start? Best Practices Frameworks to the rescue
  • 7. The First Open-Source Tool to Scan Kubernetes According to Multiple Frameworks Multiple Frameworks Code & Clusters NSA, MITRE, K8s Best Practices, or create your own custom one Scan running cluster or YAMLs and HELM in your IAC Run within your CI/CD Simple integration to your favorite pipeline tools
  • 8. Armo’s Kubescape Is Becoming The Most Popular K8s Security Open-Source tool on Github Fastest growing Kubernetes Security GitHub Project Top GitHub trending list Developers and DevOps from over 40 Fortune 500 companies 4K 3K 2K 1K 0K 2017 2018 2019 2021 2020 Github stars armosec/kubesape aqyasecurity/kube-bench alcideio/skan Stackrox/kube-linter snyk/snyk pixie-labs/pixie bridgercewio/checkov falcosecurity/falco
  • 10. Agenda >> Why do I care? and how can you help me? >> Running your first scan in less than 3 minutes >> Analyzing results and setting your own framework >> Adding Kubescape to your CI/CD and Clusters >> Done! Now what?
  • 11. Let's See It In Action, 3 Min or less to get your first scan going, no in-cluster installation, read only privileges Less than 3 Min to get your first scan API Based with read- only Privileges Get Started: https://github.com/armosec/kubescape
  • 12. Agenda >> Why do I care? and how can you help me? >> Running your first scan in less than 3 minutes >> Analyzing results and setting your own framework >> Adding Kubescape to your CI/CD and Clusters >> Done! Now what?
  • 13. Analyzing the results, Finding remediations, setting up exceptions, and using custom frameworks Kubescape Documentation: https://hub.armo.cloud/ Understand risk over time, and identify drifts Set exceptions and find remediations Build your own framework Coming next: Analyze RBAC and excessive privileges Scan container images and put vulnerabilities into context
  • 14. Agenda >> Why do I care? and how can you help me? >> Running your first scan in less than 3 minutes >> Analyzing results and setting your own framework >> Adding Kubescape to your CI/CD and Clusters >> Done! Now what?
  • 15. Check Early in CI/CD and Continuously in Production Run as CLI within DevTools, CI Pipelines Run in Cluster as CronJob for Continuous Monitoring
  • 16. Agenda >> Why do I care? and how can you help me? >> Running your first scan in less than 3 minutes >> Analyzing results and setting your own framework >> Adding Kubescape to your CI/CD and Clusters >> Done! Now what?
  • 17. Go Past Configurations with ARMO’s Dev To Production Kubernetes Platform Through 2025, more than 99% of cloud breaches will have a root cause of customer misconfigurations or mistakes
  • 18. Go Past Configurations with ARMO’s Dev To Production Kubernetes Platform #01 #02 #03 Configuration Deployment Production Open Source . Free Forever Tiered Offering. Free Tier Tiered Offering. Free Tier
  • 19. ARMO’s Dev To Production Kubernetes Platform Configuration Deployment Production #01 #02 #03 Open Source . Free Forever Tiered Offering. Free Tier Tiered Offering. Free Tier On demand checks CI/CD embedding Yamls & cluster (from outside) Frameworks In cluster install Always on watching Vulnerability scanning Admission control Audit log analysis Live alerts Least privilege monitoring Native policy enforcement Runtime Zero-Trust Deep observability Vulnerability relevancy Memory protection Secret protection Zero Trust network protection Identity based data protection Service Mesh interoperability Live feedback Live feedback Check early in the CI/CD Continues Posture control
  • 20. The ARMO True Zero-Trust Model With one YAML, on any cluster Protect customer solutions even if infrastructure is compromised Memory Protection & Exploit Prevention Automated Zero- Trust Network Policy ONLY PROTECTED AND AUTHORIZED MICROSERVICES CAN: Run Communicate Access Data Transparent Data Encryption Memory Protection & Exploit Prevention ONLY PROTECTED AND AUTHORIZED MICROSERVICES CAN: Run Communicate Access Data