How do I scan a Kubernetes (K8s) Cluster?
Use this guide to configure cluster authentication and set up a target in Security Center to start scanning your Kubernetes environment.
Gather cluster details
To ensure you get the proper authentication details, follow the instructions in the Kubernetes authentication guide.
Create a network asset
- Log in to Security Center.
- In the main navigation bar, hover over Assets.
- From the dropdown menu that appears, select Hosts & network.
- Click the Add hosts/network button.
- Add the IP address used by the Kubernetes API (e.g., for the API URL http://174.32.12.45:6443, enter 174.32.12.45 as the network asset).
Detect internal services
Detect and assess internal services running inside your Kubernetes cluster by adding the internal network of your cluster as an IP network/range asset:
- This IP range needs to be included in the same scan as the API IP so that the scan can automatically detect and create service assets.
Import the Scan profile
- Navigate to Scan Network > Scan profiles.
- Import the profile Kubernetes Scan: standard.
Configure authentication
- Click Edit imported profile and go to the Authentication tab.
- Add a new Kubernetes authentication record.
- Enter the API URL and the Authentication token.
- Run an assessment targeting the cluster API asset, using this profile.
- Done!
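Before entering the API IP as a network asset and the API URL and token in the authentication record, it is worth checking that the values line up: the network asset needs the bare IP from the API URL, and the token must actually be accepted by the API server. The following POSIX sh pre-flight helper is an added example, not part of the Security Center documentation or product. It assumes the API URL and token you gathered from the Kubernetes authentication guide are provided in the hypothetical API_URL and TOKEN environment variables (CA_CERT optionally points at the cluster CA bundle), and that curl is installed. The sample URL in the test values is the one from this guide.

```shell
#!/bin/sh
# Pre-flight checks for a Security Center Kubernetes scan (added example, not product code).
# Assumed inputs: API_URL (e.g. https://174.32.12.45:6443), TOKEN (scanner service account token),
# optional CA_CERT (path to the cluster CA bundle, to avoid disabling TLS verification).

# Return the host part of a Kubernetes API URL: scheme, port and path are stripped.
# e.g. https://174.32.12.45:6443 -> 174.32.12.45 (IPv4 literals or hostnames; bracketed IPv6 not handled)
api_host_from_url() {
    rest=${1#*://}      # drop "scheme://"
    rest=${rest%%/*}    # drop any path after the authority
    printf '%s\n' "${rest%%:*}"   # drop ":port"
}

# Return the port of a Kubernetes API URL, defaulting to 443 for https and 80 for http.
api_port_from_url() {
    rest=${1#*://}
    rest=${rest%%/*}
    case $rest in
        *:*) printf '%s\n' "${rest##*:}" ;;
        *)   case $1 in https://*) printf '443\n' ;; *) printf '80\n' ;; esac ;;
    esac
}

# Succeed only if the argument is a dotted-quad IPv4 address with octets 0-255.
# The network asset in Security Center needs an IP, so a hostname here means you must resolve it first.
is_ipv4() {
    addr=$1
    case $addr in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Read-only reachability and token check: GET /api with the bearer token and print the HTTP status.
# 200 means the token is accepted; 401/403 means it is wrong or lacks discovery permissions;
# 000 means the API was not reachable at all (network, firewall, or wrong URL).
check_api_access() {
    url=$1
    token=$2
    curl -sS --max-time 10 -o /dev/null -w '%{http_code}' \
        ${CA_CERT:+--cacert "$CA_CERT"} \
        -H "Authorization: Bearer $token" "${url%/}/api" || printf '000'
    printf '\n'
}

# Only run the live check when the assumed inputs are present, so the functions can be sourced safely.
if [ -n "${API_URL:-}" ]; then
    host=$(api_host_from_url "$API_URL")
    port=$(api_port_from_url "$API_URL")
    echo "Network asset IP to add in Security Center: $host (API port $port)"
    if ! is_ipv4 "$host"; then
        echo "WARNING: '$host' is not an IPv4 address; resolve it and add the resolved IP as the asset." >&2
    fi
    if [ -n "${TOKEN:-}" ]; then
        echo "API status with the scanner token: $(check_api_access "$API_URL" "$TOKEN")"
    fi
fi
```

Run it as `API_URL=https://174.32.12.45:6443 TOKEN=... CA_CERT=ca.crt sh preflight.sh` before the assessment; a 200 from /api confirms both the URL and the token you will paste into the authentication record, and anything else tells you which of the two to fix first.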
Supported scanner appliance versions
Ensure that the Scanner Appliance in use has at least revision 3.18.0.
Understanding the results
Once your Kubernetes scan has completed, you can deepen your understanding of the results by reading this article: How do I interpret Kubernetes vulnerabilities?