Alcide Kubernetes Advisor is a Kubernetes multi-cluster vulnerability scanner that covers rich Kubernetes and Istio security best practices and compliance checks such as Kubernetes vulnerability scanning, hunting misplaced secrets, or excessive secret access, workload hardening from Pod Security to network policies, Istio security configuration and best practices, Ingress controllers for security best practices, Kubernetes API server access privileges and Kubernetes operators security best practices. Alcide Advisor is an agentless Kubernetes audit, compliance and hygiene scanner that’s built to ensure a friciton free DevSecOps workflows. Alcide Advisor can be plugged early in the development process and before moving to production. Get a single-pane view for all K8s-related issues: audit, compliance, topology, network, policies, and threats with Alcide Advisor, and integrate it with your CI/CD pipeline. With Alcide Advisor, the security checks you can cover includes:

• Kubernetes infrastructure vulnerability scanning
• Hunting misplaced secrets, or excessive priviliges for secret access
• Workload hardening from Pod Security to network policies
• Istio security configuration and best practices
• Ingress Controllers for security best practices
• Kubernetes API server access privileges
• Kubernetes operators security best practices
• Deployment conformance to labeling, annotating, resource limits and much more

Whether you are looking to secure Kubernetes cluster hygiene in your CI+CD pipeline, or to ensure consistent multi-cluster conformance, Alcide Kubernetes Advisor provides you with valuable benefits from day one: SecOps get visibility Into Kubernetes black box – from network and hygiene perspective and are able to get high resolution in cluster detection of threats. DevOps get to harden their cluster’s security and detect drifts in their software supply chain. Alcide also supports policy customization by security pros, that are monitored by DevOps. You can apply multiple policies managed by different teams, and violations can be routed to either ChatOps tools like Slack or security toolchain like Splunk.