By using the StackRox Kubernetes Security Platform you can assess, check, and report on the compliance status of your containerized infrastructure. You can run out-of-the-box compliance scans based on industry standards including:
- CIS Benchmarks (Center for Internet Security) for Docker and Kubernetes,
- HIPAA (Health Insurance Portability and Accountability Act),
- NIST Special Publication 800-190 and 800-53 (National Institute of Standards and Technology), and
- PCI DSS (Payment Card Industry Data Security Standard).
By scanning your environment based on these standards you can:
- evaluate your infrastructure for regulatory compliance.
- harden your Docker Engine and Kubernetes orchestrator.
- understand and manage the overall security posture of your environment.
- get a detailed view of compliance status for clusters, namespaces, and nodes.
See Benchmark version for detailed information about the benchmark versions we support in different versions of the StackRox Kubernetes Security Platform.
The compliance dashboard provides a high-level view of the compliance standards across all clusters, namespaces, and nodes in your environment.
The compliance dashboard includes charts and provides options to investigate a potential problem with compliance mandates. You can navigate to compliance scan results for a single cluster, namespace, or a node. Moreover, you can generate reports on the state of compliance within your containerized environment.
To open the compliance dashboard:
- Select Compliance from the left-hand navigation menu.
The first time you open the Compliance dashboard you will see a blank dashboard. You must run a compliance scan to populate the dashboard. See Run compliance scans for more information.
In this section:
View compliance scan results
View the compliance scan results and understand if your environment is complaint against specific benchmarks.
We're happy to help! Reach out to us to discuss questions, issues, or feature requests.