Kubescape comes with a few built-in frameworks, these frameworks are based on compliance requirements (like CIS) or industry best practices (like MITRE and NSA). In case, you want to customize your own framework, Kubescape allows you to create your own framework and choose the controls which are relevant to your organization.
Once you create this framework, you enjoy the same features as any framework, like seeing drifts, set exceptions, and risk score trends.
In order to create a custom framework using Kubescape Cloud Platform, you need to click on the settings button on the right, the upper side of the page.
A new tab appears with the settings.
Click on the Frameworks link in the left menu.
The list of the built-in frameworks appears.
Click on “New Framework”.
Enter the name of the framework, this is the name you will see when you use the Kubescape scan command (pay attention that it is case sensitive, meaning myFW is not the same as myfw).
Enter a description.
Chose which controls will be in this framework.
Congratulations! You have a new framework. You can see it in the framework list and use it to scan the cluster.
In case you forgot a certain control, you can add it by editing the framework or by clicking the Controls sub-menu and adding a control to the framework by clicking the “+” button.
Updated about 1 year ago