Threat Stack now includes CIS Docker and Kubernetes rulesets to increase configuration visibility. The CIS Docker ruleset assists with safe and secure configuration of Docker containers by alerting on known configuration issues and misconfigurations. The Kubernetes ruleset assists with file integrity monitoring (FIM) by alerting on changes to configuration files associated with the Kubernetes API server, Scheduler, etcd, Control Manager, Cluster Administration, and Kublet Service.
File Integrity Monitoring (FIM) rules for containers provide visibility to files that are accessible from the host file system. For containers, this includes container volumes mounted by the host, but no other files.
If these rulesets provide value for your organization, then please reach out to your customer success manager to add them to your environment.
Threat Stack lists the most up-to-date rulesets in the Base Ruleset Compliance Matrix.