As “left” as it can get – find Kubernetes security issues while coding, not after
Jan 20, 2022
Kubescape is now available on the Visual Studio extension marketplace.
Visual Studio code extensions are add-ons that allow developers to customize and enhance their experience in Visual Studio Code by adding new features or integrating 3rd party tools. An extension can range in all levels of complexity, but its main purpose is to increase developers’ productivity and cater to their workflow.
At ARMO, we aim to make Kubescape the DevOps tool of choice for anything related to security- risk analysis, compliance, RBAC, visibility, and control – from development to production and from configuration to run-time.
Kubescape is designed to be integrated into the CI/CD pipeline and running clusters.
Now, that Kubescape is available as a Visual Studio code extension, DevOps/DevSecOps teams can enforce guidelines and best practices (e.g., set resource limitations, restrict privileges escalation, and more), based on different frameworks, cross-teams, and cross-environments.
Developer teams will be alerted on potential security issues like misconfigurations, vulnerabilities, and breaches of compliance at the earliest stage of the development process, while they write definitions and config files (like YAML files), instead of weeks after when the issues are discovered at staging or production environments.
Getting relevant information from Kubescape as soon as the developer is coding, allows fixing security issues before they can be mistakenly deployed and provide the developer with the comfort of staying in their favorite development tool without the need to call external tools.
How does it work?
- Just install the extension. If you do not have Kubescape installed already, the extension will allow you to download it automatically.
- Choose a compliance framework (NSA-CISA, MITRE, ARMOBest, DevOpsBEST or customized your own framework)
- Open any YAML file → Scan
- Find misconfigurations, breached controls etc. (using assisted remediation you can see exactly where your resource has failed and what was the cause)
- Be happy 😊