
URL: https://docs.panoptica.app/docs/kubernetes-deployment
Submission: On July 23 via manual from US — Scanned from DE

KUBERNETES DEPLOYMENT

The Panoptica controller is deployed as a single pod in any Kubernetes cluster,
including managed environments such as OpenShift and GKE. From there, it can
apply security posture management to your Kubernetes clusters and protect the
workloads running in those clusters.

Once the controller is deployed, your cloud workloads gain all the benefits
of Panoptica security: visibility, inventory scanning, attack path analysis,
etc. You can also choose to incorporate API Security and Realtime CDR at
deployment. Panoptica scales implicitly and automatically as you grow the
cluster to production scale.


> 📘
> 
> PREREQUISITES FOR THE CLUSTER
> 
>  * Kubernetes 1.23 or later
>  * Helm 3.8.0 or later, with OCI registry support
>  * At least three nodes in the cluster
>  * K8s CLI (kubectl) should be installed on the machine or VM from which the
>    deployment is run, with admin permissions to the cluster
>  * DNS resolution and external access to these domains, on port 443:
>    * Panoptica platform: appsecurity.cisco.com (34.74.85.197)
>    * GCP Container Registry (if not using internal registry):
>      gcr.io/eticloud/k8sec
>  * Resources: 8 GB memory, 1.2 vCPU cores (total, for all nodes).

To start securing your Kubernetes resources, log into Panoptica and register
your cluster in the platform. After registration, use customized Helm charts to
deploy the Panoptica controller in your cluster.
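
The prerequisites listed above can be checked from the deployment machine before the cluster is registered. The script below is an added example, not part of the Panoptica documentation; its function names and the `--run` switch are hypothetical, and it assumes kubectl, helm and curl are on the PATH.

```shell
#!/bin/sh
# Added example: preflight for the prerequisites above; names are hypothetical.
MIN_K8S="1.23"; MIN_HELM="3.8.0"; MIN_NODES=3
HOSTS="appsecurity.cisco.com gcr.io"

# Reduce "v1.27.3-gke.100" or "v3.8.0+gd141386" to "1.27.3" / "3.8.0".
normalize() { printf '%s\n' "$1" | sed -e 's/^[^0-9]*//' -e 's/[^0-9.].*$//'; }

# version_ge A B: succeeds when A >= B, comparing dot-separated numbers.
version_ge() {
  a=$(normalize "$1"); b=$(normalize "$2")
  while [ -n "$a" ] || [ -n "$b" ]; do
    x=${a%%.*}; y=${b%%.*}
    [ "${x:-0}" -gt "${y:-0}" ] && return 0
    [ "${x:-0}" -lt "${y:-0}" ] && return 1
    case $a in *.*) a=${a#*.} ;; *) a= ;; esac
    case $b in *.*) b=${b#*.} ;; *) b= ;; esac
  done
  return 0
}

# evaluate K8S HELM NODES: prints results; non-zero if any check fails.
evaluate() {
  rc=0
  version_ge "$1" "$MIN_K8S"  || { echo "FAIL kubernetes '$1' < $MIN_K8S"; rc=1; }
  version_ge "$2" "$MIN_HELM" || { echo "FAIL helm '$2' < $MIN_HELM"; rc=1; }
  [ "${3:-0}" -ge "$MIN_NODES" ] || { echo "FAIL nodes '$3' < $MIN_NODES"; rc=1; }
  [ "$rc" -eq 0 ] && echo "ok   kubernetes $1, helm $2, $3 nodes"
  return "$rc"
}

# preflight: collect live values with kubectl/helm/curl, then evaluate them.
preflight() {
  k8s=$(kubectl get --raw /version 2>/dev/null |
        sed -n 's/.*"gitVersion": *"\([^"]*\)".*/\1/p')
  helm_v=$(helm version --short 2>/dev/null)
  nodes=$(kubectl get nodes --no-headers 2>/dev/null | wc -l | tr -d ' ')
  evaluate "$k8s" "$helm_v" "$nodes"; rc=$?
  kubectl auth can-i '*' '*' --all-namespaces >/dev/null 2>&1 ||
    { echo "FAIL current kubectl context lacks admin permissions"; rc=1; }
  # Run from this machine only; confirm port 443 egress from the nodes separately.
  for h in $HOSTS; do
    curl -sS -o /dev/null --connect-timeout 5 "https://$h/" ||
      { echo "FAIL no HTTPS connection to $h:443"; rc=1; }
  done
  return "$rc"
}

if [ "${1:-}" = "--run" ]; then preflight; fi
```

Run it as `sh preflight.sh --run` (file name assumed) with the kubectl context pointed at the target cluster; a non-zero exit means at least one prerequisite is unmet.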


ONBOARDING A KUBERNETES CLUSTER

To get started, select Settings in the navigation pane, then the Accounts tab.
Choose Kubernetes, and follow the on-screen steps, which are detailed below.


1. DEFINE PREFERENCES

In addition to workload protection, you can add Panoptica's API Security
controller, and the Cloud Native Detection and Response collector to enhance the
security of your K8S clusters. Selecting those preferences on the Kubernetes
deployment screen will add those elements to the deployment Helm charts.


API SECURITY

Panoptica's API Security builds and maintains a catalog of the APIs in your
environment, including the APIs you expose (internally and externally), as well
as third-party APIs your applications consume. Along with trace source
collectors, Panoptica's API Security controller analyzes risks and
vulnerabilities, assigns risk scores, and helps maintain your security posture.
See API Security for details.


CLOUD NATIVE DETECTION AND RESPONSE (CDR)

Adding the CDR service to your deployment enables K8s runtime protection, so you
can discover security events as they happen. Panoptica then issues alerts via
the platform of your choice, according to severity levels that you configure.

See Notifications and Alerts under Platform Management for details on
configuring notification channels and CDR alerts.


2. REGISTER CLUSTER

 1. Enter a unique name for your Kubernetes cluster, as you want it to appear in
    Panoptica.

 2. Click Register to define the cluster name in Panoptica.
 3. Once registered, Panoptica will generate an access key for your cluster, and
    the Helm commands will become visible.
    Copy the Helm chart commands, which you'll use to install the controller in
    your cluster.
    For convenience, click the Copy button in the corner of the text window.


> 📘
> 
> REDHAT OPENSHIFT INSTALLATIONS
> 
> If you are installing in a RedHat OpenShift cluster, you must append the
> following string to the Helm upgrade command:
> 
> --set global.isOpenShift=true


3. INSTALL THE CONTROLLER

Now go to your machine or VM and run the Helm chart installation commands to
install the controller on your cluster.
Note that the installer requires admin permissions to the cluster to deploy the
controller.

The Helm chart commands contain a unique agentId and sharedKey, which must be
used to install on one cluster only. You can deploy Panoptica on multiple
clusters by registering each one separately in the platform.

The cluster will now appear in the table on the Accounts page. Once Panoptica's
controller has been deployed in your cluster, the Status will change to
"Connected".



Click the three dots (•••) at the end of each line to open a drop-down list of
actions you can perform on that cluster:

 * To initiate an immediate scan, select Scan Now.
 * To change the name of the cluster, select Edit.
 * To ignore a cluster, without deleting it, select Exclude. This is useful for
   temporarily halting scans without offboarding the cluster, and for excluding
   certain auto-generated accounts from an organization, such as HR.
 * To remove the controller from Panoptica, select Delete.

Updated 5 months ago
