Kubescape: the 1st open-source project to support VEX generation
Guest post originally published on Kubescape’s blog by Oshrat Nir, Developer Advocate at ARMO and a Kubescape contributer. Introduction: Vulnerability Exploitability eXchange...
Kubescape March 2022 version – what is new and what is improved
Apr 6, 2022
The ARMO Kubescape team has been busy lately… we have several new and improved features for you that we are very excited about.
Based on the feedback and ideas we got from the amazing community, we worked hard to enhance Kubescape with better and deeper scanning capabilities, UI improvements, and a more friendly CLI version.
We invite everyone to shape the Kubescape roadmap by giving us feedback and suggestions using git, discord, or mail.
What’s new in this version:
Deeper configuration scanning
Up until now, you could scan K8s manifests files (i.e., YAML, IaC) for misconfigurations. In the new version, we added scanning of K8s worker nodes configuration (with the –enable-host-scan flag), API server (with the API server integrations), and image scanning results (new controls under setting-> posture-> controls section)
Improved image scanning
Kubescape cloud now supports more options to make image scanning more usable: focus on the latest scan results, see and search for scanned image tags in the detailed CVEs list, look for images with a certain CVE, scan init-type containers.
Advanced assisted remediation
- Up until now, Kubescape showed exactly where the control failed and why. Now Kubescape will show which attributes are missing in your K8s YAML file and will display the missing lines.
- RBAC is now added to assisted remediation.
Watch the video
Improved controls status
- We added a new status called “irrelevant” to distinguish it from “skipped”.
- We placed an indication on controls that require host sensor, integration with API server, and configurable controls.
New control status and indications
Share
