Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
Azure
Google
Kubernetes
All Kubernetes service groups
Container
Deployment
Network Policy
Network
Pod Security Policy
Role
RoleBinding
Service
Report a new vulnerability
RULE
SERVICE GROUP
H
Container is running in privileged mode
Deployment
H
Container is running with Docker socket mount
Deployment
H
Network policy does not restrict egress destinations
Deployment
H
Policy allows `privileged` containers
Deployment
H
The built-in "cluster-admin" role is used
Deployment
M
Container does not drop all default capabilities
Deployment
M
Container is exposing SSH port
Deployment
M
Container is running in host's IPC namespace
Deployment
M
Container is running in host's network namespace
Deployment
M
Container is running in host's PID namespace
Deployment
M
Container is running with SYS_ADMIN capability
Deployment
M
Container is running with writable root filesystem
Deployment
M
Container is running without privilege escalation control
Deployment
M
Container is running without root user control
Deployment
M
Pod is running with added capabilities
Deployment
M
Policy allows any apparmor profile
Deployment
M
Policy allows insecure seccomp profiles
Deployment
M
Policy does not prevent use of root user
Deployment
M
Role with too wide permissions
Deployment
L
Container has no CPU limit
Deployment
L
Container is running with custom hosts file configuration
Deployment
L
Container is running with custom SELinux options
Deployment
L
Container is running with shared mount propagation
Deployment
L
Container is running without memory limit
Deployment
L
RoleBinding is set to the default service account
Deployment