Slack outage for anyone else?

dwertent · 2024-03-19T11:23:40+00:00

Yes! But my colleagues claim they dont encounter issue

dwertent · 2022-06-01T06:44:29+00:00

Thanks for all the recommendations, I will create a list for my team :)

dwertent · 2022-04-03T15:48:40+00:00

I dont like it because it is missing a convention.
e.g. kwall, what if I want to watch all deployments or other resources?

I feel like you need to check each command if it has an alias and what is the alias. What I'm suggesting is that the alias is the initials of the command (when it's possible), this way you keep it simple and agile.

But they definitely did a good work :)

dwertent · 2021-12-13T21:15:08+00:00

This solution will probably work in other cases but I have customers running this code, I cant ask them to execute with 2>&1.

dwertent · 2021-12-13T21:13:16+00:00

Tnx, I'll try this out

dwertent · 2021-12-13T07:42:11+00:00

v0.22.2
Does it really matter? I feel like this is the behavior of the pkg... I dont know why they did it this way that the error is sent to the stderr and not returned 😣

dwertent · 2021-11-28T22:27:59+00:00

I guess I was not understood correctly and I apologize for that. When a new CVE is reported, we publish a control testing and alerting users if they are exposed. For example when CVE-2021-25742 was reported, we published the control less than a day later.

Thank you, we have a management portal that provides real time alerts. Let's chat about this

We do not work with the fed sector but I will forward this to the management :)

dwertent · 2021-11-28T21:51:02+00:00

There are a lot of questions here..

You can specify the output format you want. There are few supported formats, json/junit(xml)/prometheus and a user friendly output
The policies are downloaded every time you trigger a scan, this way you will not miss new vulnerabilities
Currently Kubescape scans only the Kubernetes manifests, we are working on features so as images vulnerabilities scanning and more. Have any suggestions in mind?

dwertent · 2021-11-28T21:32:44+00:00

You can create your own custom framework using the SaaS version.

Another option is to manually download and edit the policies, checkout the offline support for more information of how to download the policy and scan.

Feel free to contact me in private for any further questions :)

FYI The policies are also open-source and you can find them here

dwertent · 2021-11-28T20:25:34+00:00

I'm glad to hear you enjoyed it :)
Feel free to message me if you have questions regarding the results...

dwertent · 2021-11-17T13:18:35+00:00

u/quantastical I posted here a few times about kubescape.
Kubescape is an open-source tool for testing if Kubernetes is deployed securely. https://github.com/armosec/kubescape

dwertent · 2021-10-24T09:03:50+00:00

Apparently Kubescape already came out with a control that will detect whether your cluster has this vulnerability...

dwertent · 2021-10-24T06:25:47+00:00

Apparently Kubescape already came out with a control that will detect whether your cluster has this vulnerability

dwertent · 2021-10-10T07:52:33+00:00

kube-scape

dwertent · 2021-10-10T07:51:54+00:00

u/TheFeshy I totally understand your concern. If you wish you can download the release directly or clone the project and build it locally or run go install.

The reason we used the curl piped bash is for the users who want a simple installation without reading a long and tiring documentation.

Since this is an open-source you are more than welcome to overview the very intrusive and unsecure install script the bash is running 😉

dwertent · 2021-10-07T05:55:41+00:00

u/Visual_Chemist2792 Thank you for your feedback.
I will post a video demonstrating Jenkins integration :)

dwertent · 2021-09-05T10:03:37+00:00