kubescape-operator-1.19.1

Kubescape is an E2E Kubernetes cluster security platform

What's Changed

• Add imagePullSecrets to node-agent and servicediscovery by @yonatanamz in #463
• provide an option to skip ssl verification in http-request by @amirmalka in #464
• prepare 1.19.1 release by @matthyx in #465

New Contributors

• @yonatanamz made their first contribution in #463

Full Changelog: kubescape-operator-1.18.18...kubescape-operator-1.19.1

kubescape-operator-1.18.18

Kubescape is an E2E Kubernetes cluster security platform

What's Changed

• add missing network policies by @matthyx in #445
• Hotfix/service discovery crd by @idohuber in #461
• Seccomp by @matthyx in #457

Full Changelog: kubescape-operator-1.18.17...kubescape-operator-1.18.18

kubescape-operator-1.18.17

Kubescape is an E2E Kubernetes cluster security platform

What's Changed

• Changing KDR defaults to include installation of CRD by @slashben in #448
• Add support for custom CA certificates in KS containers by @slashben in #450
• Adding new rules by @amitschendel in #444
• remove create event permission from node-agent by @matthyx in #451
• add missing probes by @matthyx in #452
• create the seerviceAuth CRD and add permission by @idohuber in #455

New Contributors

• @idohuber made their first contribution in #455

Full Changelog: kubescape-operator-1.18.16...kubescape-operator-1.18.17

kubescape-operator-1.18.16

Kubescape is an E2E Kubernetes cluster security platform

What's Changed

• Add services, ingresss and gateway obj to syncronizer by @YiscahLevySilas1 in #440
• Bump image versions by @dwertent in #447

Full Changelog: kubescape-operator-1.18.14...kubescape-operator-1.18.16

kubescape-operator-1.18.15

Kubescape is an E2E Kubernetes cluster security platform

kubescape-operator-1.18.14

1.18.14 Release Notes

🚀 Enhancements

• New rules for the thread detection capability by @amitschendel in #439
• Do not scan large images, configure kubevuln.maxSBOMSize=20971520
  GA: rule-based alerting

Install

For installation, add the following flags to the installation command:

runtimeDetection: Detect unexpected file exec/file open and network
malwareDetection: Anti-virus

--set capabilities.runtimeDetection=enable \
--set capabilities.malwareDetection=enable \
--set capabilities.nodeProfileService=enable \
--set alertCRD.installDefault=true \
--set alertCRD.scopeClustered=true \
--set nodeAgent.config.prometheusExporter=enable

🐞 Fixed issues

• Adding proxy-secret volume to the discovery job by @dwertent in #436

Full Changelog: kubescape-operator-1.18.13...kubescape-operator-1.18.14

kubescape-operator-1.18.13

1.18.13 Release Notes

This is a hot-fix release, see 1.18.12 release notes.

🚀 Enhancements

• Adding priorityClassName to node-agent by @dwertent in #433

🐞 Fixed issues

• Bump storage with hotfix by @matthyx in #434

Full Changelog: kubescape-operator-1.18.12...kubescape-operator-1.18.13

kubescape-operator-1.18.12

1.18.12 Release Notes

📢 Updates

We updated the internal package responsible for generating the SBOM and the vulnerabilities report. This change might impact some scanning results, making them more accurate.

🚀 Enhancements

• Bump syft and grype versions by @dwertent in #431
• Update the microservices images by @matthyx in #432

Rule-based alerting installation guide

Full Changelog: kubescape-operator-1.18.11...kubescape-operator-1.18.12

kubescape-operator-1.18.11

1.18.11 Release Notes

🚀 Enhancements

Beta (release candidate): rule-based alerting

• Rule-based alerting - beta version RC by @dwertent in #427

Install

For installation, add the following flags to the installation command:

runtimeDetection: Detect unexpected file exec/file open and network
malwareDetection: Anti-virus

--set capabilities.runtimeDetection=enable --set capabilities.malwareDetection=enable --set alertCRD.installDefault=true --set alertCRD.scopeClustered=true --set nodeAgent.config.prometheusExporter=enable

🐞 Fixed issues

• Fixed SBOM encoding in storage by @dwertent in #424

Full Changelog: kubescape-operator-1.18.10...kubescape-operator-1.18.11

kubescape-operator-1.18.10

1.18.10 Release Notes

🚀 Enhancements

Alpha release: rule-based alerting
In this release, we are introducing runtime-based alerting to detect malicious behavior in the applications running in the cluster.
Feel free to contact us if you are interested in testing it out :)

Install

For installation, add the following flags to the installation command:

• runtimeDetection: Detect unexpected file exec/file open and network
• malwareDetection: Anti-virus

--set capabilities.runtimeDetection=enable --set capabilities.malwareDetection=enable 

Alerts

The alerts should be available in Prometheus.
Enable the serviceMonitor:

--set nodeAgent.serviceMonitor.enabled=true

@dwertent @amirmalka @amitschendel #416

🐞 Fixed issues

• Fixed cronJob headers by @matthyx in #415
• Operator getting stuck by @matthyx in #415

Full Changelog: kubescape-operator-1.18.8...kubescape-operator-1.18.10