The Cloudvisory Security Platform (CSP) supports cloud-native integration with Kubernetes (k8s) APIs.
In addition to API-based security monitoring and management for resident Kubernetes Namespaces and resources (e.g. Pods, Containers, NetworkPolicies, network flows, etc), CSP establishes Compliance Assurance for underlying Kubernetes infrastructure(s) by running and tracking SSH-based Compliance Checks that implement the Kubernetes CIS Benchmark.
Multiple Kubernetes accounts, of any size and "scope", may be configured as Kubernetes Provider Accounts in CSP. For each configured Kubernetes Provider Account – CSP continuously discovers and processes new and updated assets, metadata, security controls & security events for all in-scope Kubernetes Clusters, Namespaces and their resident resources. By processing updates according to policies configured in CSP – and through the same cloud-native API integrations – events trigger governance actions such as compliance remediation and policy enforcement. In this way, CSP provides Visibility, Compliance & Governance for Kubernetes assets, metadata, security controls & security events such as: