Cloud security posture management
editCloud security posture management
editThis feature requires Elastic Stack version 8.3.0 or later.
Cloud security posture management (CSPM) and Kubernetes security posture management (KSPM) continuously monitor and compare your cloud and Kubernetes infrastructure against security best practices to help you identify and remediate misconfigurations.
The steps to enable this feature differ between Elastic Cloud and self-hosted deployments.
Enable KSPM for cloud deployments
edit-
First, enable the KSPM flag for your deployment:
-
From Kibana, open the main menu and click Manage this deployment.
- Under My deployment, select Kibana.
- Under Instances, click the three-dot menu next to your instance, then click Edit configuration.
- Click Edit user settings in the upper-right of the page.
-
Add
xpack.cloudSecurityPosture.enabled: true
to the user settings. -
Click Back, then save your Kibana user settings.
It may take up to two minutes for the changes to take effect.
-
-
Return to Kibana. From the main menu, go to Security → Cloud Security.
- Follow the prompts to set up data ingestion.
Enable KSPM for self-hosted deployments
edit-
Edit the
kibana.yml
file (typically found at/config/kibana.yml
) to includexpack.cloudSecurityPosture.enabled: true
. -
Return to Kibana. From the main menu, go to Security → Cloud Security.
- Follow the prompts to set up data ingestion.