Mondoo
Docs
CloudKubernetes

Assess Kubernetes Security with cnspec

Secure your Kubernetes environment by scanning for vulnerabilities and misconfigurations with cnspec.

cnspec secures your Kubernetes environment by finding vulnerabilities and misconfigurations across clusters, deployments, pods, services, RBAC, and more. With 50+ queryable resources, you can scan any aspect of your cluster configuration and catch issues before they reach production.

Assess your cluster

Assess a Kubernetes Cluster: Scan your cluster for security best practices across pods, deployments, services, RBAC roles, network policies, and workload configurations.

Scan manifests before deployment

Assess Kubernetes Manifests: Scan Kubernetes YAML manifests for misconfigurations during development or in CI/CD pipelines, before they ever reach your cluster.

Continuously scan with Mondoo Platform

Go beyond one-off scans. Use Mondoo Platform and the Mondoo Kubernetes Integration to continuously monitor your clusters. Get a real-time security dashboard, track your posture over time, and catch new misconfigurations as workloads change.

Workload Identity Federation

Use Workload Identity Federation to let a service account in one GCP project scan resources in other GCP projects without exporting keys.

Assess a Cluster

Scan your Kubernetes cluster for security misconfigurations with cnspec.

On this page

Assess your clusterScan manifests before deploymentContinuously scan with Mondoo Platform