Cluster benchmarks report

The report provides information about the compliance of cluster resources with benchmarks. You can generate a report for one or more clusters.

The report includes the following information:

• Date and time when the report was generated.
• Name of the checked cluster. If the report is generated for multiple clusters, the report presents information broken down by cluster.
• Date and time of the scan.
• The categories and subcategories of controls selected when the report was generated. By default, the report is generated for all categories and subcategories of controls in the cluster. If you need to generate a report for resources in a specific category and subcategory of controls, specify the relevant categories or subcategories.
• Compliance score as a percentage.
• The number of controls that could not be checked.
• The number of resources in the cluster that are not compliant with benchmarks.

The report also includes a table with the following information about the compliance of cluster resources with benchmark controls:

• ID and name of the control
• Severity of the control
• Remediation recommendations
• Category of the control
• Compliance score as a percentage
• Number of non-compliant resources for each control found

Cluster benchmark controls represent the most important cluster configuration parameters that can be exploited by hackers conducting cyber attacks. The controls are based on a systematic description of cybersecurity hardening techniques and tactics in the MITRE and NSA/CISA benchmarks. Analyzing the compliance of cluster resources with benchmark controls allows ensuring an appropriate level of protection and timely identifying risks to the infrastructure.

By default, reports are generated for resources at all severity levels (Critical, High, Medium, and Low) that have been checked for compliance with all benchmarks (MITRE and NSA/CISA). If you need to generate a report for resources with a specific severity and a check for compliance with a specific benchmark, use the filter to select the values that you need. Kaspersky Container Security updates the display of the compliance check results, and a report is generated for resources with the relevant parameters.

Page top