Kubernetes Posture Management

When you onboard a Kubernetes cluster to CloudGuard, CloudGuard immediately starts to apply Posture Management rules to the cluster. (Kubernetes, often abbreviated as "K8s", orchestrates containerized applications to run on a cluster of hosts.) CloudGuard can examine your clusters deployed at various cloud providers, as well as clusters located on premises. See Onboarding Kubernetes Clusters for details on how to onboard the clusters.

For more details on CloudGuard CSPM, see Cloud Security Posture Management (CSPM).

CloudGuard Workload Protection - Kubernetes Posture Management

Kubernetes Rules and Rulesets

To examine your Kubernetes clusters, CloudGuard uses rulesets, as it does for all other onboarded environments. For your posture management, you can use general or vendor-specific rulesets.

Best Practice - Check Point recommends using rulesets developed for dedicated cloud providers:

For other platforms, use the latest CIS Kubernetes Benchmark and Kubernetes CloudGuard Best Practices rulesets.

All available rulesets are shown on the Posture Management > Policy > Rulesets page. Filter the list for Platform: Kubernetes and Type: CloudGuard Managed.

For more information on CloudGuard rulesets, see Rules and Rulesets.

Kubernetes Posture Findings

The CloudGuard Compliance engine generates Kubernetes posture findings that show on the Events > Posture Findings page. For more details, see Posture Findings and Security Events.

To send email notifications on findings filtered by Kubernetes labels, see Configuring Notifications by Tags/Labels.

More Links

For Kubernetes terminology, see the Glossary in the Kubernetes documentation.