Hands-On Lab: Security Auditing with Kubescape

Kubescape is a Kubernetes security scanner that checks for misconfigurations, vulnerabilities, and compliance against frameworks like NSA-CISA and MITRE ATT&CK. This hands-on lab guides you through setting up and running Kubescape in a simple namespace.

Hands on Lab

Navigate to the EKS Directory:

cd /workspaces/ecr_eks_security_masterclass_public/eks/

Install Kubescape on your system:

curl -s https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | bash

Verify the installation:

export PATH=$PATH:/home/codespace/.kubescape/bin

kubescape version

Run a basic scan for the entire cluster:
```
kubescape scan framework nsa
```

To scan a specific namespace, create a namespace and deploy a sample workload:

kubectl create namespace kubescape-lab
kubectl run nginx --image=nginx --namespace=kubescape-lab

Scan only the kubescape-lab namespace:

kubescape scan framework nsa --include-namespaces kubescape-lab

After running the scan, you’ll see results highlighting:
- Critical issues (e.g., misconfigured RBAC, insecure ports).
- Compliance status.

Save the results to a file for further review:

kubescape scan framework nsa --output json > kubescape-results.json

Cleanup(Optional)

Delete the namespace and resources:
```
kubectl delete namespace kubescape-lab
```
Remove Kubescape:
```
rm $(which kubescape)
```

EKS Goat: AWS EKS Security Masterclass

Hands-On Lab: Security Auditing with Kubescape

Hands on Lab

Cleanup(Optional)