Kubernetes Security Guardrails
Kubernetes Security Guardrails (K8s Guardrails) helps harden your production environment by auditing your Kubernetes clusters, nodes, and pods configuration. This ensures that your cluster is tuned and runs according to security best practices and internal guidelines. Kubernetes Guardrails provides actionable recommendations for risk mitigation. You can easily shift-left to resolve security and compliance issues in the development stage before moving to production.
For any questions about setup, configuration, or support reach out to your CSM or to support through our Customer Support Portal.
Before getting started with Kubernetes Security Guardrails you will need to have the following:
- A functioning InsightCloudSec Platform installation
- Configuration to support either the local and/or remote scanner. Check out the Kubernetes Scanners - Overview for an overview of our scanning options.
- For configurations using the Remote Scanner option you must have version 22.10.x or later
- InsightCloudSec Admin permissions (Domain or Org Admin)
- Familiarity using Helm
- Familiarity using
- Access to the license server (e.g. if you do not see the Add Kubernetes API Key option on the Kubernetes Clusters page this feature is not enabled)
If you are not experienced with the tools identified above we recommend working closely with us or coordinating with your own DevOps resources for support.
What is Supported by Kubernetes Security Guardrails?
- Multi-cluster vulnerability scanner
- A summary of your cluster’s compliance and security status
- A detailed list of compliance and security issues, followed by recommendation for a quick remediation
- Baseline your clusters profile and easily monitor degradations
- Our current setup can support up to two API keys to enable key rotation. The clusters will be installed as a single Organization (within InsightCloudSec).
A future release will also provide a dedicated page within InsightCloudSec to view details for clusters you have harvested.