Running a command-line scan
You can scan a cluster using kubescape scan
. These are the default options we suggest you start with:
kubescape scan --verbose --enable-host-scan --submit
--verbose
: display all resources, including those that do not trigger a security control--enable-host-scan
: turn on host scanning--submit
: send the scan results to ARMO Platform
If you do not specify a certain framework, all frameworks will be tested against.
Updated about 2 months ago