Secure your Kubernetes clusters with KubeScape, the all-in-one open source security tool for Kubernetes environments!
In this video, we’ll walk you through how KubeScape works to identify vulnerabilities, detect runtime anomalies, and enforce compliance for enhanced cluster security. Whether you're managing workloads across multiple cloud providers or running on-premises, KubeScape provides actionable insights to safeguard your infrastructure.
💡 What You’ll Learn:
1. Introduction to Kubescape:
- The journey from a CLI tool to a comprehensive security solution.
- Key features and capabilities of the Kubescape CLI.
2. Kubescape Operator:
- Deployment components and how to set up the operator with Helm.
- Continuous cluster scanning and runtime vulnerability detection.
- Generating and fine-tuning network policies with Nodeagent.
- Regular scans and storing results in CRDs.
3. Network Policies and Runtime Threat Detection:
- Defining network policies and using Known Servers.
- Runtime threat detection using eBPF and Inspector Gadget.
- Learning phase and creating Runtime Rule Alert Bindings.
- Covering various attack patterns for enhanced security.
4. OpenTelemetry Integration:
- Integrating Kubescape with OpenTelemetry and managing data enrichment.
- Collecting and attaching data to the correct OpenTelemetry services.
- Reading logs, using filelog receiver, and pulling CRD content.
- Collecting metrics with Prometheus exporter and creating insightful dashboards.
🔗 Useful links
🔗Kubescape: https://kubescape.io/
🔗Kubescape Operator: https://kubescape.io/docs/operator/
🔗 Kubescape controls: https://github.com/kubescape/regolibrary/tree/master/controls
🔗Kubescape Rego Libraryhttps://github.com/kubescape/regolibrary/
🔗 Kubescape Runtime Thread Detection rules: https://kubescape.io/docs/operator/runtime-threat-detection/#rule-bindings
🔗 Github: https://github.com/isItObservable/kubescape
📖 Chapters 📖
-----------------------------
00:00 intro
00:17 Welcome
01:25 Kubescape
04:29 Operator
07:39 Vulnerability
10:10 Network
11:31 Posture Managment
12:13 Runtime Thread Detection
14:31 Observability
20:45 Conclusion
-----------------------------
🔬 Want to learn more about tools that the cloud-native pros use? Check out the full list of my favorites over here on this YouTube playlist: • OpenTelemetry
Check out ALL my observability secrets, tips, and tricks in my blog: https://isitobservable.io/
👉✅ Stay connected with me!
BlueSky: https://bsky.app/profile/isitobservab...
LinkedIn: / isitobservable
Twitter: / isitobservable
IsItObservable is powered by Dynatrace’s own developer relations team. Subscribe to get observability reviews, tips and tricks, and tutorials tested by cloud-native experts. I review, test, and share results to help you succeed with platform engineering and observability.