LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: Kubernetes and Cloud Native Security Associate (KCSA) Cert Prep

Unlock the full course today

Join today to access over 24,700 courses taught by industry experts.

Automation and tooling

Automation and tooling

From the course: Kubernetes and Cloud Native Security Associate (KCSA) Cert Prep

Start my 1-month free trial Buy for my team

Automation and tooling

“

All right. So you saw the report. You saw the Kubernetes CIS report, it was over 200 pages. Now, I'm pretty certain and you probably don't want to read that whole thing. And if you do, more power to you. I think that's great. But, you know, let's say you don't want to read it and let's say you don't want to memorize it. Well, luckily, there are a few different ways that we can automate compliance. Now, three of the biggest tools I would say in the Kubernetes space right now for this is Kubescape, kube-bench by Aqua Security and Checkov. So Kubescape can literally scan everything from a cluster to the pods to the Kubernetes manifest. It even scans RBAC. So there's this like RBAC visualizer where you can actually see this service account has this cluster role and has this cluster binding and et cetera, you can see users, you can see RBAC, all of it. All right. It uses CIS. So it does scan against CIS standards, which is great because guess what? Now you don't have to read those 200-page…

Contents