The AccuKnox CWPP Dashboard gives a comprehensive view of runtime protection with the help of widgets like Alert summary, Compliance summary, Namespace, Pod alerts, and other alerts based on severity and operations. Together, these widgets give the user a clear idea of the runtime protection that is being applied in the cluster. The user can select a cluster in the filter provided and see the dashboard summary for that cluster. There is also an option to see the alerts and summary for a particular Namespace in the cluster using the Namespace filter.
In the Alerts summary widget, we can get a summary of the total alerts generated for the cluster/Namespace. Along with that, we can see the total number of Blocked alerts and the total number of Audited alerts. Blocked alerts are the KubeArmor alerts generated by the System block policies applied in the cluster. Audited alerts are generated by the audit policies applied in the cluster/Namespace.
The Compliance summary gives a view of the compliance benchmarks that are applied to the cluster/Namespace by the hardening policies of KubeArmor. It shows the MITRE, NIST, CIS, and PCI-DSS benchmarks that are applied from the policies.
This section presents the compliance alerts generated in the cluster/Namespace in graphical form. It uses different color coding for the various compliance benchmarks, such as MITRE, NIST, PCI-DSS, etc.
In this widget, users can get summary information about the severity of the attacks that were attempted in the Namespaces present in the cluster.
Top 10 Policies by Alerts Count:
This section gives information about the top 10 policies for which alerts are generated in the cluster/Namespace. For example, if different policies such as audit, process block, and file integrity policies are applied in the cluster, this widget gives a graphical representation of the top 10 policies for which the highest number of alerts are generated.
Here, users can get information about the Namespace-specific alerts that are generated in the selected cluster.
The Pod Alerts widget provides information about the alerts generated from the pods that are running in the cluster/Namespace.
Alert based Operations:
In the widget below, users can see the operations, such as file access, process block, or audit, for which alerts were generated. Users get a graphical representation of the alerts.
Alerts based on Severity:
The Alerts based on Severity widget provides information about the severity of the attacks that were prevented by the runtime protection policies in the selected cluster/Namespace.
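The widgets described above are aggregations over fields of the runtime alerts. As an added example (not AccuKnox or KubeArmor code), this script reproduces the same counts from alerts exported as JSON lines, which is useful for cross-checking the dashboard against raw telemetry. The field names assume KubeArmor's JSON alert format; the `summarize` function, the sample alerts, and the policy names are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample alerts, one JSON object per line. Field names are assumed
# to match KubeArmor's JSON alert output; verify them against your own export.
SAMPLE_ALERTS = """\
{"NamespaceName":"payments","PodName":"api-7c9d","PolicyName":"block-pkg-mgmt","Severity":"5","Operation":"Process","Action":"Block"}
{"NamespaceName":"payments","PodName":"api-7c9d","PolicyName":"block-pkg-mgmt","Severity":"5","Operation":"Process","Action":"Block"}
{"NamespaceName":"payments","PodName":"db-0","PolicyName":"audit-etc-access","Severity":"3","Operation":"File","Action":"Audit"}
{"NamespaceName":"default","PodName":"web-5f6b","PolicyName":"file-integrity-bin","Severity":"7","Operation":"File","Action":"Block"}
{"NamespaceName":"default","PodName":"web-5f6b","PolicyName":"audit-etc-access","Severity":"3","Operation":"File","Action":"Audit"}
this line is not JSON and must be skipped
"""

# Alert fields that back the per-policy, Namespace, Pod, operation and severity widgets.
FIELDS = ("PolicyName", "NamespaceName", "PodName", "Operation", "Severity")

def summarize(lines, namespace=None, top_n=10):
    """Aggregate alerts into the counts shown by the dashboard widgets."""
    totals = {"total": 0, "blocked": 0, "audited": 0}
    counts = {f: Counter() for f in FIELDS}
    for line in lines:
        try:
            alert = json.loads(line)
        except json.JSONDecodeError:
            continue  # malformed or empty line: ignore rather than miscount
        if not isinstance(alert, dict):
            continue
        if namespace and alert.get("NamespaceName") != namespace:
            continue  # equivalent of the dashboard's Namespace filter
        totals["total"] += 1
        action = alert.get("Action", "")
        if action == "Block":
            totals["blocked"] += 1
        elif action == "Audit":
            totals["audited"] += 1
        for f in FIELDS:
            counts[f][str(alert.get(f, "unknown"))] += 1
    return {
        "totals": totals,
        "top_policies": counts["PolicyName"].most_common(top_n),
        "by_namespace": dict(counts["NamespaceName"]),
        "by_pod": dict(counts["PodName"]),
        "by_operation": dict(counts["Operation"]),
        "by_severity": dict(counts["Severity"]),
    }

if __name__ == "__main__":
    print(json.dumps(summarize(SAMPLE_ALERTS.splitlines()), indent=2))
```

Passing `namespace="payments"` restricts every count to that Namespace, mirroring the dashboard's Namespace filter.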