Octarine releases open source security scanning tools for Kubernetes

Octarine, a startup that helps automate security of Kubernetes workloads, released an open source scanning tool today. The tool, which is called KubeScan, is designed to help developers understand the level of security risk in their Kubernetes clusters.
The company is also open sourcing a second tool called KCSS, which is the underlying configuration framework used in KubeScan.
As Octarine’s head of product Julien Sobrier points out, there are 30 security settings in Kubernetes and KubeScan can help you see where you might be vulnerable on any one of them, measured on a scale of 0-10, with 10 being extremely vulnerable.
“Kubernetes gives a lot of flexibility and a lot of power to developers. There are over 30 security settings, and understanding how they interact with each other, which settings make security worse, which ones make it better, and the impact of each selection is not something that’s easy to measure or explain,” Sobrier told TechCrunch.
Octarine wants to help with these two open source tools. It started by building KCSS, a vulnerability model based on the industry standard Common Vulnerability Scoring System (CVSS), to provide a risk assessment framework for KubeScan.
“We’ve taken this model of CVSS and applied it to Kubernetes. This helps explain to users, what are the security settings that are causing risk? What is the danger to the workload in terms of availability of the cluster, integrity of the cluster and confidentiality of the cluster,” Sobrier explained. This gives developers and operations a common system for understanding the security posture of the cluster, and makes it easier for them to decide whether the risk is acceptable or not.
KubeScan result. Screenshot: Octarine (cropped)