Cloud Native Rejekts EU (Valencia) 2022

What have we learned from scanning over 10K unique clusters with Kubescape?
2022-05-15, 16:20–16:50, Gallery

Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer, and image vulnerabilities scanning. Kubescape scans K8s clusters, YAML files, and HELM charts, detecting misconfigurations according to multiple frameworks (such as the NSA-CISA, MITRE ATT&CK®), software vulnerabilities, and RBAC (role-based-access-control) violations at early stages of the CI/CD pipeline, calculates risk score instantly and shows risk trends over time. In the last 6 months, we have scanned over 10K unique clusters and learned a great deal about the state of Kubernetes risk, compliance, and vulnerability. In this session, Shauli Rozen, ARMO CEO & Co-Founder, will share interesting insight on why and where Kubernetes deployments are failing, weak spots, and how to get better. He will reveal interesting statistics on K8s cluster risk score and trends, which controls usually fail, and what kind of vulnerabilities everyone has in their clusters.