Security compliance is the set of processes used for continuous monitoring and evaluation of a system. Although Kubernetes has made container configuration, deployment, and management easier, it has also introduced several complexities when it comes to security. Nirmata Policy Manager (NPM) offers the required governance, security, and continuous compliance to build scalable Kubernetes-based platforms efficiently. In addition to securing your applications that are deployed to Kubernetes clusters, you can also secure your software supply chain by signing and attesting images and validating configurations in your build pipelines.
NPM includes several built-in standards, such as CIS Kubernetes Benchmarks, Pod Security Standards (Baseline and Restricted), Workload Best Practices, Multi-tenancy, and RBAC. In addition to the built-in standards, you can also add your own customized standards.
For more details, please watch this video: Compliance Standards Overview
Adding Custom Compliance Standards
Nirmata Policy Manager (NPM) allows you to define custom compliance standards and to map your policies and policy violations to specific standards. You add your own standards by using the “Add Standard” feature in the tool.
How to add a Compliance Standard
To add a compliance standard:
- Add Custom Standard
- Specify name, version, and description
- Download the CSV file
- Add mappings to the CSV file
- Upload the CSV file
- Save the standard
In a few minutes, the compliance information will become available.
For more details, please refer to this video on How to add your own custom standards to NPM.
Policy Violations Reports
Nirmata Policy Manager offers the Policy Reports capability, where you can see policy reports by category, by Kubernetes cluster, and by namespace. It also gives the details of the rule, type, category, scope, source, and reason if the policy failed. There is an option to view and download the policy YAML. If there is a policy failure, you can create a Jira ticket with the failure information.
Watch this video for more details: Policy Violations Reports
You can try Nirmata Policy Manager to ensure continuous compliance for your Kubernetes clusters by signing up for a free trial. Get the free data sheet on Nirmata Policy Manager by following this link.