From the course: Certified Kubernetes Security Specialist (CKS) Cert Prep

Unlock this course with a free trial

Join today to access over 25,300 courses taught by industry experts.

Scanning for cluster vulnerabilities

Scanning for cluster vulnerabilities - Kubernetes Tutorial

From the course: Certified Kubernetes Security Specialist (CKS) Cert Prep

Start my 1-month free trial Buy for my team

Scanning for cluster vulnerabilities

- This demonstration, we're going to take a look at Kubesec and very similar to what we saw with KubeLinter, you're going to have some capabilities with Kubesec to be able to look at your YAML files as well as helmfiles to be able to determine if they're appropriately secure or not. So let's go ahead and install it first. So here's how we would install it. We're going to do a wget, we're going to pull that down and then we're going to go ahead and extract that file. So here we'll do a tar on that to be able to decompress it. So that pulled it out, so now we have Kubesec binary there, and then we need to copy that over into our usr/bin directory. And then of course, at this point now we can just do a quick kube scan version to be able to make sure everything is configured. So yes, so we're running 2.14.1 and the current build date is fairly recent. So we're all set now for kube scan. Now an easy way to be able to test this is just find a pod that has vulnerabilities in it. So we're…

Contents