Working with the KSPM dashboard
Note
Kubernetes® Security Posture Management (KSPM) is at the Preview stage and provided upon request. Also, it requires access to Security Deck workspaces.
To get access, contact support or your account manager.
If you want to use an AI assistant to work with alerts, request access to it as well.
- Go to Yandex Security Deck.
- In the left-hand panel, select KSPM.
- At the top of the window, click More and select the workspace.
- On the Clusters tab, make sure all the clusters are connected to KSPM and are in the active control status.
- Review the Dashboard tab. It has the following sections:
-
Top controls with warnings: Contains the most frequently violated rules within the control scope and gives the number of violations.
-
Section with overall statistics for the scope of control: Gives the number of clusters with KSPM connection errors, numbers of clusters with security warnings, number of Tops clusters with warnings, and number of violations.
-
A list of alerts stating threat type, status, and last update time.
For each security rule violation, an alert is created with a detailed description of the violation, severity, detection time, list of affected resources and troubleshooting recommendations.
You can manage troubleshooting for each specific alert:
- Assign persons responsible for troubleshooting.
- Manage the alert status.
- Leave comments.
- Keep track of troubleshooting progress.
- Request analysis from the AI assistant.
-