Security: Clusters

In the Overview page for cluster security, you can view and manage a list of security scan jobs for your Kubernetes clusters.

Tip

Before planning the security scans for the Kubernetes clusters, review the following tips:

  • The cluster security scan is not available for Red Hat OpenShift clusters.

  • The Free plan can use the cluster security scan for up to 3 times for each cluster, for each month. The paid plans can use the cluster security scan unlimitedly.

  • With the Free service plan, you can keep the security scan results for up to 30 days. With paid plans, you can keep the security scan results for up to 366 days.

  1. In the inventory pane, click the Kubernetes cluster to see its security scan result.

  2. In the action pane, you can see the scan times and scan job status. The timestamps are using the system time zone (TZ) of your workstation.

    Download a summary of security scan results in CSV format by clicking Export report.

    Restriction: Exporting the security scan reports in CSV is not available for the Free Service Plan.

  3. In the information pane, there are six tabs: Overview of the following scan results, four types of scan results–Container Scan, Container Scan, Configuration Scan, Benchmark Scan, and Network Scan–and Bookmarks.

  4. For each scan type, you can group by the scan result records. For example, in the Network Scan tab, you can select either group from “Severity”, “Category”, “Location”, and “Vulnerability”.

  5. Drill down the group and you can use filters.

  6. For any record, you can click Bookmark to add a bookmark. In the Bookmarks tab, all bookmarked records are grouped by the scan type, and you can use the filters too.

See also

To manage security scan jobs or to run either one manually, follow the instructions in Security: Scan Jobs.