{"id":596741,"date":"2023-01-12T05:49:12","date_gmt":"2023-01-12T11:49:12","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/01\/12\/cncf-accepts-kubescape-as-its-first-security-and-compliance-scanner-project\/"},"modified":"2023-01-12T05:49:12","modified_gmt":"2023-01-12T11:49:12","slug":"cncf-accepts-kubescape-as-its-first-security-and-compliance-scanner-project","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/01\/12\/cncf-accepts-kubescape-as-its-first-security-and-compliance-scanner-project\/","title":{"rendered":"CNCF accepts Kubescape as its first security and compliance scanner project"},"content":{"rendered":"<div><main id=\"genesis-content\"><\/p>\n<article aria-label=\"CNCF Accepts Kubescape as Inaugural Open Source Security Scanner\">\n<div>\n<figure>\n<\/figure>\n<p>ARMO\u2019s open source <a title=\"What is Software-Defined Security? \u2014 Definition\" href=\"https:\/\/www.sdxcentral.com\/security\/definitions\/data-security-in-the-cloud-best-practices\/what-is-software-defined-security\/\">security<\/a> project Kubescape is now part of the <a title=\"Cloud \u2014 Definition\" href=\"https:\/\/www.sdxcentral.com\/cloud\/definitions\/what-is-cloud\/\">Cloud<\/a> Native Computing Foundation\u2019s (<a title=\"Cloud Native Computing Foundation\" href=\"https:\/\/www.sdxcentral.com\/directory\/cloud-native-computing-foundation-cncf\/\">CNCF<\/a>) sandbox in an attempt to \u201cbecome that free, open source, end-to-end security platform,\u201d according to Craig Box, VP of open source at ARMO.<\/p>\n<p>It was always part of the plan to donate the open source security scanner to the CNCF, he said, citing the difference between DevOps teams\u2019 ideal use of software and code \u2013 in an open, transparent way as part of a community \u2013 and the way most security vendors design proprietary solutions.<\/p>\n<p>Box dove into the details of the Kubescape project and what it means to be the first 
security scanner accepted by the CNCF in an interview conducted by email.<\/p>\n<p><b>SDxCentral: <\/b>How does Kubescape work, and what problems does it aim to solve?<\/p>\n<p><b>Box: <\/b>Kubescape is an open-source <a title=\"What Is Kubernetes? Definition\" href=\"https:\/\/www.sdxcentral.com\/cloud\/containers\/definitions\/what-is-kubernetes-definition\/\">Kubernetes<\/a> security solution. It scans for misconfigurations inside manifest files like YAML and Helm throughout the <a title=\"What Is Converged Infrastructure? \u2014 Explained\" href=\"https:\/\/www.sdxcentral.com\/data-center\/hyperconverged\/definitions\/what-is-converged-infrastructure\/\">CI<\/a>\/CD [<a title=\"What Is CI\/CD? \u2014 Definition\" href=\"https:\/\/www.sdxcentral.com\/cloud\/devops\/definitions\/what-is-ci-cd-definition\/\">continuous integration\/continuous delivery<\/a>] pipeline and inside Kubernetes clusters. It also scans for vulnerabilities (CVEs) in container image registries (e.g. <a href=\"https:\/\/docker.io\/\">docker.io<\/a>, Quay.io, ECR, etc.) and images inside clusters.<\/p>\n<p>It helps DevOps\/DevSecOps to understand their Kubernetes security posture, evaluate their security risks, and suggest fixes and remediation paths to harden the environment.<\/p>\n<p>Kubescape can easily be integrated into different CI\/CD tools like Jenkins, CircleCI, GitHub Actions, GitLab, IDEs (i.e. Visual Studio Code), Prometheus, Lens, Docker, and others to provide security insights where and when the user needs them. It can help companies achieve security compliance like <a title=\"What Is the SOC 2 Security Standard?\" href=\"https:\/\/www.sdxcentral.com\/security\/definitions\/data-security-regulations\/what-is-soc-2-security-standard\/\">SOC2<\/a> using different industry frameworks like CIS, NSA, and MITRE.<\/p>\n<p>Kubescape aims to solve two big problems:<\/p>\n<ul>\n<li>Security vs. 
agility:\u00a0 Gartner predicts that through 2025, more than 99% of cloud breaches will originate from preventable misconfigurations or mistakes by end users. But\u2026a recent survey by Red Hat showed that 55% had to delay or slow down application development into production due to container or Kubernetes security concerns.<\/li>\n<li>Open source vs. proprietary: Organizations either have to choose costly, black-box, inflexible, proprietary security platforms for Kubernetes, or they try to cobble together multiple open source security tools to give them enough coverage. There is no complete open source security solution. Kubescape is working to become that free, open source, end-to-end security platform.<\/li>\n<\/ul>\n<p><b>SDxCentral:<\/b> What is the significance of Kubescape being the first security scanner to become a CNCF-accepted project?<\/p>\n<p><b>Box:<\/b> Security companies have created open source security scanning tools before. These tools, though, are usually made by vendors who don\u2019t have an interest in building a community around these tools, as they would potentially compete with their commercial business.<\/p>\n<p>These vendors are trying to be everything to everyone, and they are not focused 100% on Kubernetes like ARMO is. We have made a bet that cloud native is the future, and while we will integrate with the full security ecosystem, our engineering focus is totally on building a best-of-breed product for Kubernetes users.<\/p>\n<p>The CNCF is the leading forum for managing <a title=\"Open Source\" href=\"https:\/\/www.sdxcentral.com\/cloud\/open-source\/\">open source projects<\/a> in the Kubernetes space: for the community by the community. 
CNCF has a set of rules, procedures, processes, and teams that can help a project like Kubescape scale and thrive.<\/p>\n<p>It also provides certainty to enterprises, who know they can use and contribute to Kubescape safely because there is a well-known body behind it and that it is governed in an open and fair way.\u00a0Many companies consider CNCF membership either a shorthand demonstrating good governance, or even a \u201cmust have\u201d to adopt an open source project.<\/p>\n<p><b>SDxCentral: <\/b>What is next for the platform following CNCF acceptance?<\/p>\n<p><b>Box:<\/b> ARMO will continue leading development for Kubescape even though the project is technically now \u2018owned\u2019 by the CNCF, and there\u2019s a roadmap with new features on the way. We plan to build support and integrate with other CNCF projects. We also want to invest in a broad community of contributors.<\/p>\n<p>As a company, ARMO\u2019s commercial offering \u2014 ARMO platform \u2014 is powered by Kubescape, and offers full enterprise-grade support, maintenance, and additional features.<\/p>\n<\/div>\n<p><\/main><\/div>\n<p><a href=\"https:\/\/www.sdxcentral.com\/articles\/interview\/cncf-accepts-kubescape-as-inaugural-open-source-security-scanner\/2023\/01\/\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Qiana Geddes<\/p>\n","protected":false},"excerpt":{"rendered":"<p>ARMO\u2019s open source security project Kubescape is now part of the Cloud Native Computing Foundation\u2019s (CNCF) sandbox in an attempt to \u201cbecome that free, open source, end-to-end security platform,\u201d according to Craig Box, VP of open source at ARMO. 
It was always part of the plan to donate the open source security scanner to the<\/p>\n","protected":false},"author":1,"featured_media":596742,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23536,117914,46],"tags":[],"class_list":{"0":"post-596741","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-accepts","8":"category-kubescape","9":"category-technology"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/596741","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=596741"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/596741\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/596742"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=596741"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=596741"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=596741"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}