Introducing Action Items Progress Reporting

Platform engineers and developers alike already know that Kubernetes is complex, and it can be hard to track and document improvements in this ephemeral environment. To address these challenges, I’m excited to announce Action Item Progress Reporting is now live in Fairwinds Insights. Progress reporting enables your organization to easily view and share your achievements in reducing your Kubernetes risk by making improvements that impact reliability, cost efficiency, and security. It can also help you identify areas where you would like to improve and makes it easy for you to review with teams or stakeholders.

Are You Fixing Action Items?

Many Action Items in Fairwinds Insights are related to misconfigurations. Platform engineering and security leaders want to be able to show that teams are fixing these misconfigurations, which are identified using Polaris, Nova, Pluto, custom Open Policy Agent (OPA) policies, and so on. The new Report shows the number of open Action Items by month, tracks them over time, and allows filtering by severity (critical, high, medium, low, none), category (efficiency, reliability, security), cluster, reports (kube-bench, kube-hunter, kyverno, nova, opa, pluto), and namespace.

This screenshot from our sandbox shows you the number of open Action Items over the past year, filtered by critical severity.

The “open” designation means the number of introduced Action Items at the start of the month, minus the number of Action Items fixed, resolved, or deleted. In addition to reviewing open Action Items, you can look at introduced, manually resolved, fixed, and deleted Action Items. The filtering available in Insights allows you to focus on specific areas so you can make and track improvements over time. This new functionality allows you to save time by providing a holistic view of all progress made on cluster improvement within your organization.

Are You Reducing Risk?

Common Vulnerabilities and Exposures (CVEs) are constantly being introduced, creating a moving target for platform engineering and security leaders who are working hard to ensure the security of Kubernetes environments. The new Action Items Progress Report helps these leaders track whether the number of images that contain at least one critical or high severity CVE is being reduced over time. Lowering the number of high-risk vulnerabilities in your images can help you manage Kubernetes risk and improve the overall security of your K8s environments.

This screenshot from our sandbox shows you the number of critical vulnerabilities that were fixed over the course of a year.

Show Your Progress

Progressing towards your goals is always important, but sometimes it’s hard to show the work you’ve done. To help DevOps and team leaders show the work they’ve been doing to resolve misconfigurations and vulnerabilities, Fairwinds Insights now makes it easy for you to display and share your cumulative progress on fixed and resolved Action Items over time. It’s easy to show your progress over time for all the clusters you have access to.

This screenshot from our sandbox shows you the cumulative number of fixed high and critical severity Security Action Items over the past year.

To ensure that you can show all the progress you’ve made over the course of the year, Insights allows you to filter data by multiple time segments, including views segmented:

  • Monthly
  • Weekly
  • Daily

It’s also important to be able to see your activity going back to last year, so that you can take long-term initiatives or organizational changes into account when viewing your metrics. Platform engineers and DevOps leaders may be managing multiple clusters and teams, so Insights also allows you to filter data based on the criteria most relevant to you at any time, including:

  • Action Item Severity
  • Action Item “category” (Security, Efficiency, Reliability)
  • Cluster
  • Report
  • Namespace
  • Insights Team

And you may also need to be able to share this information, either by exporting it to share within your company or reformatting the data to meet other needs. Fairwinds Insights allows you to easily export the data into a .csv file format and to use “Print Preview” to quickly generate a PDF that’s easy to share.

Meet Data Requirements

Increasingly, executive teams need to understand risk management priorities and how different teams are managing these efforts. As budgets tighten, executive teams want a high-level overview of how platform engineering and development teams are managing risks, and they want to see how remediation efforts are progressing.

To meet this need, the new Insights Progress Report makes it easy to show:

  • Introduced — new Action Items introduced to your clusters
  • Open — number of unaddressed Action Items at the end of the month
  • Fixed — number of Action Items fixed in a month and cumulatively since inception
  • Manually Resolved — number of Action Items resolved manually in a month and cumulatively since inception

The report can be adjusted for daily, weekly, and monthly time periods to meet your data requirements.

To meet compliance requirements, it’s also important to know when Action Items are fixed, re-opened, and manually resolved. Insights stores additional metadata so you can more accurately track:

  • Fixed Date: The date when an Action Item goes to Fixed=True
    This may happen multiple times, so Insights tracks each Fixed date
  • Re-open Date: The date an Action Item goes from Fixed=True to Fixed=False
    This may happen multiple times, so Insights tracks each Re-open Date as a new Action Item being reported for that time.
  • Manual Resolution Date: The date an Action Item went from Resolution=None to Won’t fix or Working as Intended

Access Action Item Reports

Ready to get started? Using this approach, it takes just minutes to review your Action Items and sort and filter the data to meet your various needs. If you’re not already using Insights, try the free tier, which is available for environments up to 20 nodes, two clusters, and one repo. If you have any additional questions, please reach out or join our Slack Community.

*** This is a Security Bloggers Network syndicated blog from Fairwinds | Blog authored by Liz Coolman. Read the original post at: https://www.fairwinds.com/blog/introducing-action-items-progress-reporting