Compliance check

Support

Support for business applications

Kaspersky Container Security

Compliance check

3 July 2024

ID 269923

Kaspersky Container Security agents can check Kubernetes cluster nodes for compliance with the Kubernetes information security benchmarks.

Kaspersky Container Security checks for compliance with the Kubernetes benchmarks on Kubernetes versions 1.15–1.25.

The agent checks the state of the node where it is installed and sends the results to the Server. Check results are displayed in the Compliance section.

You can view the results of checks on cluster nodes for compliance with the Kubernetes benchmarks in the Compliance → Kubernetes benchmarks section. The node scan results are displayed in a table. By default, Kaspersky Container Security displays a list with the results of the last scan of all nodes in all clusters. The nodes in the list are not grouped; you can use the filter to build a list of objects according to the cluster name.

Above the scan results table, there is the Scan status section that displays the number of controls each status was assigned to during the scan. Kaspersky Container Security displays this information for the following scan statuses:

Passed—check completed successfully.
Warning—check shows that problems may occur during the execution of operations or tasks.
Failed—check revealed non-compliance with the benchmark.

You can select nodes with which statuses you want to display after the scan. To do this, in the Scan status section, select the button with the status that you want to hide. After that, the scan results table will only display the nodes whose benchmarks received this status (besides others) when scanned.

In Kaspersky Container Security, you can generate reports on the results of checks on compliance with the Kubernetes benchmarks. Depending on the level of detail you require, you can generate a Kubernetes benchmarks summary or detailed report. The list of generated reports is displayed under Administration → Reports.

Click the node name link to open a page with detailed information about the results of the node check.

The solution displays summary information at the top of the window. In the table, each benchmark is correlated with node compliance status.

You can check a node against the standard benchmarks by clicking the Rescan button.

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.