In this blog post, we will see how to install Kubescape and how to use it to identify security issues and check best practices in a Kubernetes cluster.

Kubescape is a security and compliance tool for Kubernetes. It helps with risk analysis, security compliance, and finding misconfigurations in the Kubernetes cluster.

Requirements:

1. Kubernetes cluster

2. kubectl

Step 1: Install kubescape on a Linux machine.

I have one master and one node k3s cluster to experiment with kubescape.

Execute the command below to install kubescape on the Linux machine:

curl -s https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash

Within a few seconds, it will install.
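
The install command above pipes a script from the mutable master branch straight into bash, so whatever is on that branch at that moment runs unreviewed. An alternative, as an added example that is not from the original post or the kubescape project: download the script to a file, read it, and run it only if it still matches the digest recorded after review. The function names are hypothetical; the URL is the one used above.

```bash
#!/usr/bin/env bash
# Added example: helper names (fetch_installer, sha256_of, run_if_pinned) are
# illustrative, not part of kubescape. The URL is the one used on this page.
INSTALL_URL="https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh"

# Download the installer to a file instead of piping it into a shell.
# -f makes curl fail on HTTP errors so an error page is never saved as a script.
fetch_installer() {
  curl -fsSL --proto '=https' --tlsv1.2 -o "$1" "$INSTALL_URL"
}

# Print the SHA-256 hex digest of a file (sha256sum on Linux, shasum elsewhere).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Run the script only if it still matches the digest recorded after review.
# Returns 0 on success, 1 on digest mismatch, 2 if the file is missing.
run_if_pinned() {
  local file="$1" expected="$2" actual
  [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
  actual="$(sha256_of "$file")"
  if [ "$actual" != "$expected" ]; then
    echo "digest mismatch for $file: got $actual" >&2
    return 1
  fi
  /bin/bash "$file"
}

# Typical flow (run by hand):
#   fetch_installer install.sh      # 1. download
#   less install.sh                 # 2. read what it will do
#   sha256_of install.sh            # 3. record the digest of the reviewed copy
#   run_if_pinned install.sh <digest-from-step-3>
```

Storing the reviewed digest alongside your provisioning scripts means a later change to the upstream script shows up as a mismatch instead of running silently.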

Step 2: Scan the Kubernetes cluster

I have my cluster configuration in the default path.

Scan the Kubernetes cluster with the command below:

kubescape scan --enable-host-scan --verbose

It will scan all the resources in the Kubernetes cluster and report the current status of the cluster.

Here is the number of vulnerabilities found in my cluster. They need to be checked one by one and fixed.

We can also scan against one of the frameworks available in kubescape.

The supported frameworks are NSA-CISA, MITRE ATT&CK and CIS Benchmark. Use the command below to scan against a specific framework:

kubescape scan framework cis

We can export the result in HTML, JSON, PDF, and XML format by using the command below:

kubescape scan framework cis --format pdf --output cis_output.pdf

Step 3: Types of kubescape scan methods

Use an alternate kubeconfig file to scan:

kubescape scan --kubeconfig cluster.conf

Include specific namespaces in the scan:

kubescape scan --include-namespaces devopsart,nginx

Exclude specific namespaces from the scan:

kubescape scan --exclude-namespaces kube-system

kubescape scan --exclude-namespaces kube-system,default

Scan YAML files:

kubescape scan nginx.yaml
kubescape scan *.yaml

That's all. Today we have seen how to install the kubescape tool and scan a Kubernetes cluster.

