Using kubescape - SethBodine/audit-tools GitHub Wiki

Using kubescape

Kubescape is a Kubernetes security scanner that checks cluster configurations and IaC manifests against security frameworks including NSA-CISA, MITRE ATT&CK, CIS, and SOC2. It can scan live clusters, local manifest files, Helm charts, and YAML files.

  • Scans live Kubernetes clusters and local manifest files
  • Frameworks: NSA-CISA, MITRE ATT&CK, CIS Kubernetes, SOC2
  • Supports Helm charts, Kustomize, and raw YAML
  • Outputs to table, JSON, HTML, and SARIF

Prepare the Environment

No setup required. Run from the shell.

Gather Data

Scan Local Kubernetes Files

kubescape scan <path>                  # e.g. kubescape scan .
kubescape scan <path> --format json --output /output/kubescape-results.json

Scan a Live Cluster

# Ensure kubectl is configured and connected to the cluster
kubescape scan
kubescape scan --format html --output /output/kubescape-report.html

Scan Against a Specific Framework

kubescape scan framework nsa
kubescape scan framework mitre
kubescape scan framework cis-v1.23-t1.0.1
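
The framework, path and JSON output options above can be combined to keep one report per framework as audit evidence. The following is an added example, not part of the original wiki or the kubescape project; the function name, the KUBESCAPE_BIN override and the kubescape-<framework>.json file naming are assumptions.

```shell
#!/bin/sh
# Added example: run several kubescape framework scans against one target and
# keep one JSON report per framework.
# Assumptions (not from the wiki page): the function name, the KUBESCAPE_BIN
# override, and the kubescape-<framework>.json file naming.

scan_frameworks() {
    target=$1
    outdir=$2
    shift 2
    bin=${KUBESCAPE_BIN:-kubescape}

    if ! command -v "$bin" >/dev/null 2>&1; then
        echo "error: $bin not found in PATH" >&2
        return 2
    fi
    mkdir -p "$outdir" || return 2

    failed=0
    for fw in "$@"; do
        report="$outdir/kubescape-$fw.json"
        rm -f "$report"   # never mistake a stale report for a fresh one
        # Scanner console output goes to stderr so stdout holds only the summary.
        if "$bin" scan framework "$fw" "$target" \
               --format json --output "$report" >&2 && [ -s "$report" ]; then
            echo "ok     $fw -> $report"
        else
            echo "FAILED $fw (non-zero exit or empty report)"
            failed=$((failed + 1))
        fi
    done
    # Return status: 0 only if every framework produced a report.
    [ "$failed" -eq 0 ]
}

# Usage with the frameworks named on this page:
#   scan_frameworks . /output nsa mitre cis-v1.23-t1.0.1
```
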

Scan a Helm Chart

kubescape scan <helm-chart-directory>

Scan a Specific Namespace

kubescape scan --include-namespaces <namespace>

List Available Frameworks

kubescape list frameworks

Known Issues

TBC

Additional Information
