GKE Security Posture dashboard now generally available with enhanced features
Glen Messenger
Product Manager
Daniel L'Hommedieu
Product Manager
We are excited to announce that the Google Kubernetes Engine (GKE) Security Posture dashboard is now generally available. The interface is designed to streamline the security management of your GKE clusters, and now includes a range of powerful features such as misconfiguration detection and vulnerability scanning to help ensure your applications remain safe and secure.
As part of our goal to simplify security at scale by providing insights into larger and more complex clusters, we're introducing support for up to 1,000 GKE nodes in the Security Posture dashboard. This helps ensure that the largest GKE deployments can be scanned for misconfigurations and OS-level vulnerabilities.
Features in the GKE Security Posture dashboard provide you with increased transparency, a more complete snapshot of the security state of your GKE clusters and applications, and security assessments for all new clusters.
Introducing security bulletin surfacing (in Preview)
Vulnerability management is a critical aspect of ongoing security management and compliance. GKE publishes security bulletins when we find vulnerabilities that may affect clusters. Security bulletin surfacing in the GKE Security Posture dashboard shows notifications that affect your clusters based on their version and configuration.
With security bulletin surfacing, GKE can automatically determine whether a specific incident affects your environment and show you actionable mitigations. This can help reduce the toil your security team spends sorting through the ever-growing list of active CVEs.
Security bulletin surfacing is available in the GKE Security Posture dashboard at no additional cost.
On by default for new clusters
Now that the Security Posture dashboard is generally available, we're turning on baseline Security Posture capabilities such as configuration audits and security bulletin surfacing for newly created clusters.
For new GKE Autopilot clusters, we're also enabling container OS vulnerability scanning by default. Since GKE Autopilot leverages Google Cloud-managed system components, you won’t be billed for any of the compute resources this feature uses.
Get started today
Ready to take advantage of the improved GKE security experience? Learn more about our managed platform for containerized applications and how we’ve made managing your Kubernetes Security Posture easier.