Kubescape Security Scanning for Kubernetes
Kubescape Security Scanning
Section titled “Kubescape Security Scanning”This guide enables Kubescape in offline mode for lightweight configuration and vulnerability scanning.
Step 1: Sync the Kubescape application
Section titled “Step 1: Sync the Kubescape application”ArgoCD deploys Kubescape from infrastructure/kubescape/.
kubectl -n argocd get applications | rg kubescapeStep 2: Verify the pods
Section titled “Step 2: Verify the pods”kubectl -n kubescape get podsStep 3: View scan results
Section titled “Step 3: View scan results”Configuration scans:
kubectl get workloadconfigurationscans -AImage vulnerability scans:
kubectl get vulnerabilitymanifests -AStep 4: Tune what gets scanned
Section titled “Step 4: Tune what gets scanned”Edit infrastructure/kubescape/kubescape.yaml to adjust capabilities or namespace filters, then let ArgoCD sync.
The defaults keep admission control and runtime detections disabled to avoid disrupting workloads.