
Kubernetes Post Deployment Vulnerability Scan Data Management

Summary

The goal is a solution that scans already-deployed container images in our Kubernetes clusters for vulnerabilities. Instead of writing an operator from scratch I'm going to take a shortcut and use Aqua Security's Starboard. It has no GUI dashboard, but it writes its findings into the cluster as custom resources (for example VulnerabilityReport objects, defined by Starboard's CRDs). The code I need to write reads those resources and processes the data so I can either export Prometheus metrics with alerting rules, or ship the data into the Elastic Stack and build Kibana dashboards we can pivot around. It would be nice to be able to log a ticket straight from Kibana. As another stretch goal I could write rules around which severities and namespaces should auto-log tickets.
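To make the processing step concrete, here is an added example (not code from this page or from the Starboard project) that takes the JSON that `kubectl get vulnerabilityreports -A -o json` returns, flattens it into one record per finding, renders those records as Prometheus text exposition, as an Elasticsearch `_bulk` body, and as a list of auto-ticket candidates filtered by a namespace/severity rule set. The report field names (`report.artifact.repository`, `report.vulnerabilities[].vulnerabilityID`, the `starboard.resource.*` labels) are the v1alpha1 VulnerabilityReport layout as I understand it, so check them with `kubectl explain vulnerabilityreport.report` on your cluster; the sample reports, the metric name `starboard_image_vulnerabilities`, the index name and the ticket rules are all constructed for the example, and the CVE identifiers are placeholders, not real vulnerabilities.

```python
"""Flatten Starboard VulnerabilityReport objects into Prometheus metrics,
Elastic bulk documents and auto-ticket candidates. Added example; the
report layout is assumed from the aquasecurity.github.io/v1alpha1 schema."""
import json
import sys
from collections import Counter

SEVERITY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}


def _report(ns, kind, name, container, repo, tag, vulns):
    """Build one VulnerabilityReport-shaped dict for the constructed sample."""
    return {
        "metadata": {"name": f"{kind.lower()}-{name}-{container}", "namespace": ns,
                     "labels": {"starboard.resource.kind": kind, "starboard.resource.name": name,
                                "starboard.container.name": container}},
        "report": {"artifact": {"repository": repo, "tag": tag},
                   "vulnerabilities": [{"vulnerabilityID": vid, "resource": pkg, "installedVersion": inst,
                                        "fixedVersion": fix, "severity": sev, "title": "placeholder"}
                                       for vid, pkg, inst, fix, sev in vulns]},
    }


# Constructed sample in the shape `kubectl get vulnerabilityreports -A -o json` returns.
# CVE-0000-000x are placeholder IDs, not real CVEs. The same nginx image is used by two
# prod workloads so that the ticket de-duplication below has something to collapse.
NGINX_VULNS = [("CVE-0000-0001", "openssl", "1.1.1d", "1.1.1k", "CRITICAL"),
               ("CVE-0000-0002", "zlib", "1.2.11", "", "HIGH")]
SAMPLE_REPORTS = {"items": [
    _report("prod", "ReplicaSet", "web-6b4f", "nginx", "library/nginx", "1.19.0", NGINX_VULNS),
    _report("prod", "ReplicaSet", "api-7c9d", "proxy", "library/nginx", "1.19.0", NGINX_VULNS),
    _report("staging", "StatefulSet", "db", "postgres", "library/postgres", "13.1",
            [("CVE-0000-0003", "libc6", "2.31-1", "2.31-2", "HIGH"),
             ("CVE-0000-0004", "bash", "5.0-6", "", "MEDIUM")]),
]}

# Constructed policy: which namespaces open tickets, from which severity, and whether
# a fix must exist (no point ticketing prod for something nobody can patch yet).
TICKET_RULES = [
    {"namespaces": {"prod"}, "min_severity": "HIGH", "require_fix": True},
    {"namespaces": {"staging"}, "min_severity": "CRITICAL", "require_fix": False},
]


def flatten(reports):
    """One dict per (workload, container, vulnerability): the Elastic document shape."""
    docs = []
    for item in reports["items"]:
        meta, labels = item["metadata"], item["metadata"].get("labels", {})
        art = item["report"].get("artifact", {})
        image = f"{art.get('repository', '?')}:{art.get('tag', '?')}"
        for v in item["report"].get("vulnerabilities", []):
            docs.append({
                "namespace": meta["namespace"],
                "workload_kind": labels.get("starboard.resource.kind"),
                "workload": labels.get("starboard.resource.name"),
                "container": labels.get("starboard.container.name"),
                "image": image,
                "vuln_id": v["vulnerabilityID"],
                "package": v.get("resource"),
                "installed": v.get("installedVersion"),
                "fixed": v.get("fixedVersion") or None,
                "fix_available": bool(v.get("fixedVersion")),
                "severity": v.get("severity", "UNKNOWN").upper(),
            })
    return docs


def to_bulk_ndjson(docs, index="starboard-vulns"):
    """Elasticsearch _bulk body: an action line then a document line per finding.
    The deterministic _id makes re-runs overwrite instead of duplicating."""
    lines = []
    for d in docs:
        doc_id = f"{d['namespace']}/{d['workload']}/{d['container']}/{d['vuln_id']}"
        lines.append(json.dumps({"index": {"_index": index, "_id": doc_id}}))
        lines.append(json.dumps(d))
    return "\n".join(lines) + "\n"


def prometheus_metrics(docs):
    """Prometheus text exposition: finding count per namespace, image and severity."""
    counts = Counter((d["namespace"], d["image"], d["severity"]) for d in docs)
    out = ["# HELP starboard_image_vulnerabilities Vulnerabilities found in deployed images.",
           "# TYPE starboard_image_vulnerabilities gauge"]
    for (ns, image, sev), n in sorted(counts.items()):
        out.append(f'starboard_image_vulnerabilities{{namespace="{ns}",image="{image}",severity="{sev}"}} {n}')
    return "\n".join(out) + "\n"


def ticket_candidates(docs, rules=TICKET_RULES):
    """Findings that match a rule, one ticket per (namespace, image, vulnerability)."""
    seen, picked = set(), []
    for d in docs:
        key = (d["namespace"], d["image"], d["vuln_id"])
        if key in seen:
            continue
        for r in rules:
            severe_enough = SEVERITY_RANK.get(d["severity"], 0) >= SEVERITY_RANK[r["min_severity"]]
            if d["namespace"] in r["namespaces"] and severe_enough and (d["fix_available"] or not r["require_fix"]):
                seen.add(key)
                picked.append(d)
                break
    return picked


if __name__ == "__main__":
    # Pipe real cluster output in, or run with no stdin to use the constructed sample.
    reports = SAMPLE_REPORTS if sys.stdin.isatty() else json.load(sys.stdin)
    findings = flatten(reports)
    sys.stdout.write(prometheus_metrics(findings))
    sys.stdout.write(to_bulk_ndjson(findings))
    for t in ticket_candidates(findings):
        print("TICKET:", t["namespace"], t["image"], t["vuln_id"], t["severity"], "fix:", t["fixed"])
```

Two design points worth keeping when this grows into a real exporter: the metric is keyed on image rather than pod, because the same image in ten replicas is one problem, not ten, and the ticket de-duplication uses the same (namespace, image, vulnerability) key so a rollout across several workloads does not spawn several tickets. In production the metrics would be served with `prometheus_client` and the reports read with the Kubernetes API via a watch rather than a one-off `kubectl` dump, but the flattening and the rules stay the same.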

TODO:

  • Add code and explain steps
  • Add screenshots
  • Add artifacts (Kibana dashboard)

26th of July 2021