Container Rulesets Compliance Matrix

Threat Stack now includes CIS Docker and Kubernetes rulesets to increase configuration visibility. The CIS Docker ruleset assists with safe and secure configuration of Docker containers by alerting on known configuration issues and misconfigurations. The Kubernetes ruleset assists with file integrity monitoring (FIM) by alerting on changes to configuration files associated with the Kubernetes API server, Scheduler, etcd, Controller Manager, Cluster Administration, and Kubelet Service.


File Integrity Monitoring (FIM) rules for containers provide visibility into files that are accessible from the host file system. For containers, this includes container volumes mounted by the host, but no other files.

If these rulesets provide value for your organization, then please reach out to your customer success manager to add them to your environment.


Threat Stack lists the most up-to-date rulesets in the Base Ruleset Compliance Matrix.

Docker CIS Docker Kubernetes
Docker: File: Docker Container File Change
Docker: File: Docker Configuration Change
Docker: File: Docker Executable Change
Docker: Network: Outbound Connection (Connects)
Docker: User: Privileged Commands
Docker: User: Push or Pull Commands
Docker: User: User Commands
