Misconfiguration control of images
Kaspersky Container Security detects misconfigurations in configuration files using the configuration file scanner. This scanner can scan images, file systems, and repositories that contain
Infrastructure as Code is an approach to managing and describing infrastructure through configuration files instead of manually editing server configurations.
Kaspersky Container Security scans the following configuration files:
- Configuration files of Kubernetes objects.
  - Pod
  - ReplicaSet
  - ReplicationController
  - Deployment
  - DeploymentConfig
  - StatefulSet
  - DaemonSet
  - CronJob
  - Job
  - Services
  - ConfigMaps
  - Roles and ClusterRoles rights and commands
  - ClusterRoleBindings and RoleBindings
  - Network policy (ingress and egress connections)
- Configuration files of cluster components.
- Configuration files of images.
- Configuration files of Amazon cloud environment services.
  - Amazon IAM policies
  - API Gateway
  - Amazon Athena
  - Amazon CloudFront
  - Amazon CloudTrail
  - Amazon CloudWatch
  - Amazon CodeBuild
  - Amazon Config
  - Amazon DocumentDB databases
  - Amazon DynamoDB Accelerator
  - Amazon Elastic Compute Cloud
  - AWS Elastic Container Registry
  - Amazon Elastic Container Service
  - Amazon Elastic File System
  - Amazon Elastic Kubernetes Service
  - Amazon ElastiCache
  - Amazon Elasticsearch
  - Amazon Elastic Load Balancing
  - Amazon Elastic MapReduce
  - Amazon Identity and Access Management
  - Amazon Kinesis
  - Amazon Key Management Service
  - Amazon Lambda
  - Amazon MQ Broker
  - Amazon Managed Streaming for Apache Kafka
  - Amazon Neptune
  - Amazon Relational Database Service
  - Amazon Redshift
  - Amazon Simple Storage Service
  - Amazon Serverless Application Model
  - Amazon Simple Notification Service
  - Amazon Simple Queue Service
  - Amazon Secrets Manager
  - Amazon Workspaces
- Configuration files of Azure cloud environment services.
  - Azure App Service
  - Azure Compute
  - Azure Container Service
  - Azure SQL Database
  - Azure Data Factory
  - Azure Data Lake
  - Azure Key Vault
  - Azure Monitor
  - Services responsible for the network interaction of Azure
  - Azure Security Center
  - Azure Storage
  - Azure Synapse Analytics
  - Azure IAM policies
- Configuration files of the DigitalOcean cloud environment.
- Configuration files of the Apache CloudStack cloud environment.
- Configuration files of Terraform GitHub Provider.
- Configuration files of Google cloud environment services.
  - Google BigQuery
  - Google Compute Engine
  - Google Cloud DNS
  - Google Cloud IAM policies
  - Google Cloud Key Management Service
  - Google Cloud SQL
  - Google Cloud Storage
- Configuration files of Nifcloud Provider.
  - Computing
  - DNS
  - NAS
  - Network
  - Rdb
  - SSL certificates
- Configuration files of OpenStack.
  - Computing
  - Networking
- Configuration files of Oracle Compute Cloud.
The following table lists the types of configuration files and the file formats that Kaspersky Container Security supports.
Types and formats of configuration files
| File type | File format |
|---|---|
| Kubernetes | `*.yml`, `*.yaml`, `*.json` |
| Docker | `Dockerfile`, `Containerfile` |
| Terraform | `*.tf`, `*.tf.json`, `*.tfvars` |
| Terraform Plan | `tfplan`, `*.tfplan`, `*.json` |
| CloudFormation | `*.yml`, `*.yaml`, `*.json` |
| Azure ARM Template | `*.json` |
| Helm | `*.yaml`, `*.tpl`, `*.tar.gz` |
| YAML | `*.yaml`, `*.yml` |
| JSON | `*.json` |