DevSecOps in Practice

A Hands-On Guide to Operationalizing DevSecOps at Scale

Shifting Left with Security Policy as Code (SPaC)

Compliance and Auditing

To guarantee compliance with industry standards and regulations, NeuVector provides a dashboard that displays the compliance status of your cluster nodes, images, and containers. To access it, navigate to the UI and click on Security Risks > Compliance. Here, you can view a list of compliance checks with their CIS ID, category, status, profile, and more.

The CIS ID is a unique identifier for each compliance check, for example:

  • D.1.2.2 ensures that the version of Docker is up to date.
  • I.4.8 checks whether setuid and setgid permissions are removed from the image, since they can be exploited by attackers.
  • K.1.2.30 ensures that the API Server only makes use of strong cryptographic ciphers.
  • and so on.
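
To make the I.4.8 check concrete, the following added example (not NeuVector's code and not part of the original guide) scans a root filesystem tar, such as the output of `docker export`, for regular files that still carry setuid or setgid bits. The function names and the sample archive are constructed for illustration.

```python
import io
import stat
import tarfile

SETID_BITS = stat.S_ISUID | stat.S_ISGID  # 0o6000


def find_setid_files(rootfs_tar: bytes):
    """Return sorted (path, flags, mode) for regular files carrying setuid/setgid."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(rootfs_tar), mode="r:*") as tar:
        for member in tar:
            # Only regular files matter here; a setgid directory just
            # controls group inheritance and is not an executable risk.
            if not member.isfile() or not member.mode & SETID_BITS:
                continue
            flags = [name for bit, name in ((stat.S_ISUID, "setuid"),
                                            (stat.S_ISGID, "setgid"))
                     if member.mode & bit]
            findings.append((member.name, "+".join(flags),
                             oct(member.mode & 0o7777)))
    return sorted(findings)


def build_sample_rootfs() -> bytes:
    """Constructed sample: a tiny root filesystem tar, built in memory."""
    files = [("usr/bin/passwd", 0o4755), ("usr/bin/wall", 0o2755),
             ("usr/bin/ls", 0o755), ("usr/local/bin/helper", 0o6755)]
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, mode in files:
            info = tarfile.TarInfo(name)
            info.mode, info.size = mode, len(b"constructed\n")
            tar.addfile(info, io.BytesIO(b"constructed\n"))
        spool = tarfile.TarInfo("var/mail")  # setgid directory, must be ignored
        spool.type, spool.mode = tarfile.DIRTYPE, 0o2775
        tar.addfile(spool)
    return buf.getvalue()


if __name__ == "__main__":
    for path, flags, mode in find_setid_files(build_sample_rootfs()):
        print(f"{mode:>7}  {flags:<13}  {path}")
```

Any path the scan reports is a candidate for `chmod a-s` in the image build, or for an explicit, documented exception.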

Every ID, as you may have noticed, is prefixed with a letter that represents the category of the compliance check. For example:

  • D stands for Docker (the container),
  • I for Image,
  • K for Kubernetes.

This is also reflected in the Category
