-
Notifications
You must be signed in to change notification settings - Fork 819
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Evidence of finding in output #1563
Labels
feature
New feature or request
Comments
@felix-caboff Did you consider scanning with the
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Overview
Forgive me if this is already present, I can't find it documented anywhere, I am also not wildly experienced with Kubernetes so this may be obvious to others but not for the uninitiated.
At the moment Kubescape gives a neat reference for where it found the issues it is reporting, but, it would be really helpful to have direct evidence of any failures.
Problem
My use case is to provide digestable reports identifying areas of improvement, however, I am required to validate all findings with direct evidence. This is for two reasons: to ensure that there are no false positives; and to ensure corrective action can be directly evidences by a change within the environment. At the moment, Kubescape gives lots of very well formatted material, but, it can be difficult to identify how it came to it's conclusions.
Solution
Kubescape could have an extra flag that enabled the user to see relevant configuration / evidence / data, or even identify any locally cached data and a regex with which the user could find the relevant sections.
Alternatives
Kubescape could suggest kubectl or similar command that exposes the relevant data. That way the user could choose to run the extra command and interrogate the data that way.
Additional context
None that I can think of.
The text was updated successfully, but these errors were encountered: