
Kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by NSA and CISA
Use Kubescape to test clusters or scan single YAML files and integrate it to your processes.
Install
curl -s https://raw.githubusercontent.com/armosec/kubescape/master/install.sh | /bin/bash
Run
kubescape scan framework nsa --exclude-namespaces kube-system,kube-public
If you wish to scan all namespaces in your cluster, remove the –exclude-namespaces flag.
