kubescape-operator-1.18.14

1.18.14 Release Notes

🚀 Enhancements

• New rules for the thread detection capability by @amitschendel in #439
• Do not scan large images, configure kubevuln.maxSBOMSize=20971520
  GA: rule-based alerting

Install

For installation, add the following flags to the installation command:

runtimeDetection: Detect unexpected file exec/file open and network
malwareDetection: Anti-virus

--set capabilities.runtimeDetection=enable \
--set capabilities.malwareDetection=enable \
--set capabilities.nodeProfileService=enable \
--set alertCRD.installDefault=true \
--set alertCRD.scopeClustered=true \
--set nodeAgent.config.prometheusExporter=enable

🐞 Fixed issues

• Adding proxy-secret volume to the discovery job by @dwertent in #436

Full Changelog: kubescape-operator-1.18.13...kubescape-operator-1.18.14

kubescape-operator-1.18.13

1.18.13 Release Notes

This is a hot-fix release, see 1.18.12 release notes.

🚀 Enhancements

• Adding priorityClassName to node-agent by @dwertent in #433

🐞 Fixed issues

• Bump storage with hotfix by @matthyx in #434

Full Changelog: kubescape-operator-1.18.12...kubescape-operator-1.18.13

kubescape-operator-1.18.12

1.18.12 Release Notes

📢 Updates

We updated the internal package responsible for generating the SBOM and the vulnerabilities report. This change might impact some scanning results, making them more accurate.

🚀 Enhancements

• Bump syft and grype versions by @dwertent in #431
• Update the microservices images by @matthyx in #432

Rule-based alerting installation guide

Full Changelog: kubescape-operator-1.18.11...kubescape-operator-1.18.12

kubescape-operator-1.18.11

1.18.11 Release Notes

🚀 Enhancements

Beta (release candidate): rule-based alerting

• Rule-based alerting - beta version RC by @dwertent in #427

Install

For installation, add the following flags to the installation command:

runtimeDetection: Detect unexpected file exec/file open and network
malwareDetection: Anti-virus

--set capabilities.runtimeDetection=enable --set capabilities.malwareDetection=enable --set alertCRD.installDefault=true --set alertCRD.scopeClustered=true --set nodeAgent.config.prometheusExporter=enable

🐞 Fixed issues

• Fixed SBOM encoding in storage by @dwertent in #424

Full Changelog: kubescape-operator-1.18.10...kubescape-operator-1.18.11

kubescape-operator-1.18.10

1.18.10 Release Notes

🚀 Enhancements

Alpha release: rule-based alerting
In this release, we are introducing runtime-based alerting to detect malicious behavior in the applications running in the cluster.
Feel free to contact us if you are interested in testing it out :)

Install

For installation, add the following flags to the installation command:

• runtimeDetection: Detect unexpected file exec/file open and network
• malwareDetection: Anti-virus

--set capabilities.runtimeDetection=enable --set capabilities.malwareDetection=enable 

Alerts

The alerts should be available in Prometheus.
Enable the serviceMonitor:

--set nodeAgent.serviceMonitor.enabled=true

@dwertent @amirmalka @amitschendel #416

🐞 Fixed issues

• Fixed cronJob headers by @matthyx in #415
• Operator getting stuck by @matthyx in #415

Full Changelog: kubescape-operator-1.18.8...kubescape-operator-1.18.10

kubescape-operator-1.18.9

1.18.9 Release Notes

🚀 Enhancements

Alpha release: rule-based alerting
In this release, we are introducing runtime-based alerting to detect malicious behavior in the applications running in the cluster.
Feel free to contact us if you are interested in testing it out :)

Install

For installation, add the following flags to the installation command:

• runtimeDetection: Detect unexpected file exec/file open and network
• malwareDetection: Anti-virus

--set capabilities.runtimeDetection=enable --set capabilities.malwareDetection=enable 

Alerts

The alerts should be available in Prometheus.
Enable the serviceMonitor:

--set nodeAgent.serviceMonitor.enabled=true

@dwertent @amirmalka @amitschendel #416

🐞 Fixed issues

• Fixed cronJob headers by @matthyx in #415
• Operator getting stuck by @matthyx in #415

Full Changelog: kubescape-operator-1.18.8...kubescape-operator-1.18.9

kubescape-operator-1.18.8

1.18.8 Release Notes

🚀 Enhancements

• Adding contextual remediation (remediation based on runtime data) by @matthyx in #410

🐞 Fixed issues

• Fix potential race conditions in the synchronizer
• Removed deprecated summary objects

Full Changelog: kubescape-operator-1.18.7...kubescape-operator-1.18.8

kubescape-operator-1.18.7

Kubescape is an E2E Kubernetes cluster security platform

kubescape-operator-1.18.6

1.18.6 Release Notes

🐞 Fixed issues

• Hotfix registry scanning

Full Changelog: kubescape-operator-1.18.5...kubescape-operator-1.18.6

kubescape-operator-1.18.5

1.18.5 Release Notes

🚀 Enhancements

• Set default cluster name by @dwertent in #400
• add skip TLS verify in registry creds secret by @amirmalka in #402
• Bump images to the latest release by @matthyx in #403

🐞 Fixed issues

• Set continues-scanning to disable when there is an adaptor
• Improve image vulnerability scanning results

Full Changelog: kubescape-operator-1.18.4...kubescape-operator-1.18.5