Security: Clusters

In the Security Clusters Overview page, you can view and manage security scans for your Kubernetes clusters.

You will be presented with a list of all Kubernetes clusters defined in your organization. Clicking on a cluster will take you to the security dashboard for that cluster.

Note

  • On some platforms, system namespaces are excluded from security scans. These include:

    • On OpenShift clusters, namespaces starting with the prefix “openshift-”.

    • On Rancher clusters, the “cattle-system” namespace.

  • With the Free service plan, you can use the cluster security scan up to 3 times for each cluster per month. Paid plans include unlimited security scans.

  • With the Free service plan, you can keep the security scan results for up to 30 days. With paid plans, you can keep the security scan results for up to 366 days.

The Cluster Results Dashboard

The latest security scan results will automatically be selected. Click on Change Scan to display the results from a different scan. You will see the start, end, and expiration times and the completion status for the selected scan job. The timestamps are displayed using the system time zone (TZ) of your workstation.

You can download a summary of the security scan results in CSV format by clicking Export report.

Restriction: Exporting security scan reports in CSV format is not available with the Free service plan.

There are four tabs below the summary information: Overview, Container Scan, Configuration Scan, and Bookmarks.

  • The Overview tab displays scan statistics including a pie chart of detected vulnerabilities by category and a count of total detected vulnerabilities.

  • The Container Scan tab contains information about vulnerabilities detected in containers from the scanned cluster(s). These include known vulnerabilities in the container base images and all additional layers, and any configuration issues with the containers.

  • The Configuration Scan tab contains information about checks done on the configuration of the Kubernetes cluster itself.

  • The Bookmarks tab allows you to quickly view items that you have bookmarked. Bookmarked items are grouped by scan type.

For each scan type, you can choose to view the scan results grouped in different ways. For example, in the Container Scan tab you can choose to group by “Severity”, “Resource”, or “Target”.

Once you open the results viewer, you can filter the results by clicking the Filter button in the upper left corner of the page.

For any record, you can click Bookmark to add a bookmark. Bookmarked items can be easily viewed later in the Bookmarks tab. Bookmarks are shared by all of the users in your organization who have access to security scan results.

See also

To manage security scan jobs or to run either one manually, follow the instructions in Security: Scan Jobs.

Clusters Scan History

The Clusters Scans page (Security/Clusters Scan History) lists available cluster scan results from all scan jobs. The table displays summary details for each scan including Name, start time, end time, scanned clusters, and state. Clicking on a scan will take you to the Cluster Results Dashboard to display the results for that scan.