Compliance | Trend Micro Service Central

Views:

Scan your Amazon EKS, Kubernetes, and OpenShift clusters for security compliance issues and generate reports with actionable insights.

Important

Compliance scanning is currently only supported on clusters mapped within Trend Vision One to a connected AWS account. Real-Time Posture Monitoring must be enabled in that account, and the latest Container Security software must be installed.

The following table details the actions you can take on the Compliance tab.

Action

Description

Enable compliance scanning

Switch on the toggle to enable compliance scanning.

Before enabling compliance scanning, ensure that the following conditions are met.

Trend Vision One is connected to your AWS account and Real-Time Posture Monitoring is enabled.
You are running EKS clusters and they are mapped to your AWS account.
The latest Container Security software is running on the EKS clusters.

View the last scan time

View the last time your clusters were scanned.

To initiate a scan immediately, click Scan Now.

Scannable EKS clusters

View the list of requirements for EKS cluster compliance scanning as well as the number of compatible clusters that can be scanned. Compatible clusters include the number of clusters with Container Security installed (scannable clusters) vs the total number of connected clusters.

Note

The numbers displayed are independent of Asset Visibility Management.

Click Reports to view the last scan report in the Reports app.

To learn more about the Reports app, see Reports.

Scannable Kubernetes clusters

View the list of requirements for self-managed Kubernetes cluster compliance scanning as well as the number of compatible clusters that can be scanned. Compatible clusters include the number of clusters with Container Security installed (scannable clusters) vs the total number of connected clusters.

Click Reports to view the last scan report in the Reports app.

To learn more about the Reports app, see Reports.

Click Compliance Scan Configuration Settings to view and modify your Kubernetes cluster rules and policies.

To learn more about Kubernetes compliance settings and benchmarks, see Kubernetes compliance scanning and Kubernetes 1.9.0 recommendations.

Scannable Red Hat OpenShift clusters

View the list of requirements for Red Hat OpenShift cluster compliance scanning as well as the number of compatible clusters that can be scanned. Compatible clusters include the number of clusters with Container Security installed (scannable clusters) vs the total number of connected clusters.

Note

Red Hat OpenShift Container Platform versions 4.0 or newer are supported for compliance scanning.

Click Reports to view the last scan report in the Reports app.

To learn more about the Reports app, see Reports.