We are happy to announce that Kubescape now integrates with GitHub Actions. This allows users to identify issues as early and as clearly as possible, without ever leaving GitHub. Read all about it 👇

This article focuses on a critical missing component of Cloud Security Posture Management (CSPM): visibility into Kubernetes. Scroll down to read all you need to know about it.

A detailed overview of the Remote Code Execution (RCE) attacks, how it affects the Kubernetes infrastructure, and how the vulnerabilities of the K8 systems can be mitigated. Remote Code Execution (RCE) is a vulnerability in systems that cybercriminals can exploit to perform attacks. In RCE attacks, hackers execute malicious code in target systems remotely, irrespective of their location on the network. That’s because they don’t need the target systems to have the execution functionality.

The Kubernetes community is ready for the last release of 2022—version 1.26. Since its beginning, Kubernetes has been a place of constant change and improvement. The platform evolves and matures with every new API change and bug fix. In this release, there are 38 tracked enhancements in addition to a large number of bug fixes. In this article, we will focus on some highlighted enhancements, important deprecations, and removals so that you can be confident before upgrading your clusters.

All the main K8s vulnerabilities from 2022 consolidated into one article. Put together by Ben Hirschberg, founder of ARMO, the makers of Kubescape. During 2022, Kubernetes continued to cement itself as a critical infrastructure component in the modern software stack. From small to large organizations, it has become a widely popular choice. For obvious reasons, this shift made Kubernetes more susceptible to attacks. But this is not the end of it.

A first of its kind survey looks at the relationship between open-source and K8s security. Today DevOps and security teams who deploy Kubernetes are forced to make a difficult choice between two security realities. They can either commit to a proprietary solution that they can’t adapt, access its code, influence the roadmap or contribute to its future. Or they can use open-source tools. But then they’ll end up attempting to integrate several of these tools together.

Kubernetes clusters consist of multiple resources and API objects interacting dynamically—which typically makes cluster management via the CLI overwhelming. Kubernetes Dashboard was built to simplify cluster operations by providing a unified, human-friendly interface. The web-based dashboard enables cluster operators to deploy applications, access running workloads, and correlate logs with cluster events. This article demonstrates how to install and use Kubernetes Dashboard.

Open source got more open source-y. Kubescape API is now documented on Swagger, the OpenAPI standard. That’s it in a nutshell. Scroll down to read more about it. We’re excited to share that we made another important step as an open-source company. We have documented the APIs of our newly open-sourced services using Swagger, the OpenAPI standard. This will help you integrate, interact and develop for the Kubescape platform.

OpenSSL is the most popular implementation of the TLS protocol (Transport Layer Security) which is essentially the de-facto security protocol of the internet today. The OpenSSL team announced critical security updates of versions above version 3.0 (OpenSSL 3.0 was released on September 7, 2021). The myriad of projects and software depending on OpenSSL must update and release a new version to enable end users to start patching their systems.

Kubescape can now automatically scan Kubernetes clusters against the Center for Internet Security (CIS) benchmark, identify compliance gaps, suggest remediations, and monitor for drifts. This feature was born as a direct response to requests we received from Kubescape’s community and we’re excited to launch it. In this version, Kubescape supports CIS Kubernetes V1.23. In the next releases CIS GKE, AKS, and EKS frameworks will be supported as well.