Enhance your Kubernetes security by leveraging KubeSec



Kubesec is an open-source Kubernetes security scanner and analysis tool. It scans your Kubernetes cluster for common exploitable risks such as privileged capabilities and provides a severity score for each found vulnerability.

Security risk analysis for Kubernetes resources.

• Take in a single YAML file as input.

• One YAML can contain multiple Kubernetes resources.

Kubesec is available as:

• Docker container image at

• Linux/MacOS/Win binary (get the latest release)

• Kubernetes Admission Controller

• Kubectl plugin

Keep your cluster secure and follow me on a brief demo!

First things first: we are going to define a bash script that scans our YAML file by calling the Kubesec API.
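The same API call and a pass/fail gate on the result, as an added example that is not the script from this post (written in Python so the JSON handling is explicit). It checks every resource in the report, since one YAML can contain several; the threshold of 5, the names scan_manifest and gate, and the sample report are assumptions made for illustration.

```python
import json
import sys
import urllib.request

KUBESEC_URL = "https://v2.kubesec.io/scan"  # hosted Kubesec v2 scan endpoint


def scan_manifest(path, url=KUBESEC_URL, timeout=30):
    """POST the raw YAML file to Kubesec and return the decoded JSON report."""
    with open(path, "rb") as fh:
        req = urllib.request.Request(url, data=fh.read(), method="POST")
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)


def gate(report, min_score=5):
    """Check every resource in the report; return (passed, problems)."""
    problems = []
    for res in report:
        name = res.get("object", "<unknown>")
        if not res.get("valid", False):
            # Fail closed: a resource Kubesec could not analyse is not "clean".
            problems.append(f"{name}: not scanned ({res.get('message', 'invalid')})")
            continue
        for finding in (res.get("scoring") or {}).get("critical") or []:
            problems.append(f"{name}: critical {finding['id']} ({finding['points']} points)")
        if res.get("score", 0) < min_score:
            problems.append(f"{name}: score {res.get('score', 0)} below {min_score}")
    return (not problems, problems)


# Constructed sample report (not real scanner output) for a YAML holding two
# resources: the first passes, the second runs a privileged container.
SAMPLE_REPORT = [
    {"object": "Deployment/frontend.default", "valid": True, "score": 7,
     "scoring": {"advise": []}},
    {"object": "Deployment/devsecops.default", "valid": True, "score": -30,
     "scoring": {"critical": [{"id": "Privileged", "points": -30,
                               "selector": "containers[] .securityContext .privileged == true",
                               "reason": "Privileged containers can allow almost completely unrestricted host access"}]}},
]

if __name__ == "__main__":
    report = scan_manifest(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_REPORT
    ok, problems = gate(report)
    print("\n".join(problems) or "all resources passed")
    sys.exit(0 if ok else 1)
```

The hosted endpoint receives the full manifest, so for manifests that must stay internal, feed gate the JSON produced by the local binary or container image instead.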

1) Execute touch

2) Create our risky deployment! Execute another touch command as follows:

touch insecure-deployment.yaml

Then, paste the following content (make sure you are using your own image; it can also be a testing one):


apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: devsecops
  name: devsecops
spec:
  replicas: 2