Technology · Ebook

Kubescape: Kubernetes Security Scanning

by Shriira Press

4.7 (450) · 190 pages · Published 2026

Kubescape is an open-source Kubernetes security platform — it scans clusters, manifests, and images for misconfigurations, vulnerabilities, and excessive permissions, and measures them against security frameworks. This free book teaches it from the ground up: the Kubernetes security problem and what Kubescape is, Kubernetes security risks (misconfigurations, vulnerabilities, RBAC, supply chain), security frameworks (NSA-CISA, CIS, MITRE) and controls, how Kubescape works (scanning, the CLI, the operator, OPA/Rego), misconfiguration scanning, vulnerability scanning (CVEs in images), RBAC and compliance, shift-left and CI/CD, continuous security and the operator (runtime insights), and operating Kubescape in practice (remediation, the ecosystem). Ten focused chapters with clear diagrams that demystify Kubernetes security — finding, measuring, and fixing issues across the lifecycle to turn insecure-by-default Kubernetes into a hardened, compliant, continuously-monitored platform.

Contents

  1. Preface
  2. Chapter 1 — What Kubescape Is
  3. Chapter 2 — Kubernetes Security Risks
  4. Chapter 3 — Security Frameworks and Controls
  5. Chapter 4 — How Kubescape Works
  6. Chapter 5 — Misconfiguration Scanning
  7. Chapter 6 — Vulnerability Scanning
  8. Chapter 7 — RBAC and Compliance
  9. Chapter 8 — Shift-Left and CI/CD
  10. Chapter 9 — Continuous Security and the Operator
  11. Chapter 10 — Operating Kubescape in Practice