Victor Szalvay
PM @googlecloud, Kubernetes, containers, DevOps. Opinions are my own.

Oct 26, 2022, 8 tweets

Kubernetes and container security can be hard. We hear you. That's why #GKE now provides built-in workload security posture management in public preview.
cloud.google.com/blog/products/…

🧵Let's dive in!

Once enabled for your clusters, GKE security posture scans your workloads on two dimensions:
- Misconfigurations (comparing against CNCF pod spec security standards)
- OS level CVE vulnerabilities

These are surfaced in a snazzy dashboard with opinionated severity ratings

Drill down and slice and dice to find the concerns that matter most.

GKE provides actionable advice on vulnerabilities...

... and configuration issues (comparing against the CNCF pod spec security standards):

Most importantly, GKE ties that advice to your running workloads. So there is no doubt about where these issues are lurking.

And for those of us that don't live in dashboards, concerns are logged in Cloud Logging. Use "sinks" to create pub/sub events for aggregation in SIEMs, ticketing systems, etc.

Other than logging, all of this comes with GKE (Autopilot and Standard modes) at no extra charge!
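
What a pod spec misconfiguration check of the kind described in the thread looks like, as an added example that is not part of the original thread and is not GKE's scanner. It assumes the standards referred to are the Kubernetes Pod Security Standards and covers only a subset of the Baseline and Restricted profiles; the function names and the sample pod spec are constructed.

```python
# Added example: a subset of Kubernetes Pod Security Standards checks.
# check_pod_spec and SAMPLE_POD_SPEC are hypothetical names, not a GKE API.

def _containers(spec):
    """Yield every container definition in the pod spec."""
    for key in ("initContainers", "containers", "ephemeralContainers"):
        yield from spec.get(key) or []

def check_pod_spec(spec):
    """Return sorted (profile, message) findings for a pod spec dict."""
    findings = []
    # Baseline: host namespaces must not be shared.
    for field in ("hostNetwork", "hostPID", "hostIPC"):
        if spec.get(field):
            findings.append(("baseline", f"{field} is enabled"))
    # Baseline: hostPath volumes are forbidden.
    for vol in spec.get("volumes") or []:
        if "hostPath" in vol:
            findings.append(("baseline", f"volume {vol.get('name')} uses hostPath"))
    pod_sc = spec.get("securityContext") or {}
    for c in _containers(spec):
        name = c.get("name", "<unnamed>")
        sc = c.get("securityContext") or {}
        if sc.get("privileged"):
            findings.append(("baseline", f"container {name} is privileged"))
        for port in c.get("ports") or []:
            if port.get("hostPort"):
                findings.append(("baseline", f"container {name} binds hostPort {port['hostPort']}"))
        # Restricted: must be explicitly false; an unset field does not pass.
        if sc.get("allowPrivilegeEscalation") is not False:
            findings.append(("restricted", f"container {name} does not set allowPrivilegeEscalation: false"))
        # Restricted: the container-level value overrides the pod-level one.
        if sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot")) is not True:
            findings.append(("restricted", f"container {name} does not set runAsNonRoot: true"))
    return sorted(findings)

# Constructed sample: one risky node agent next to one hardened container.
SAMPLE_POD_SPEC = {
    "hostNetwork": True,
    "volumes": [{"name": "host-logs", "hostPath": {"path": "/var/log"}}],
    "containers": [
        {"name": "agent", "securityContext": {"privileged": True},
         "ports": [{"containerPort": 8080, "hostPort": 8080}]},
        {"name": "web", "securityContext": {"allowPrivilegeEscalation": False, "runAsNonRoot": True}},
    ],
}

if __name__ == "__main__":
    for profile, message in check_pod_spec(SAMPLE_POD_SPEC):
        print(f"[{profile}] {message}")
```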
