Kubernetes module

The Kubernetes page is the topology view of your clusters, distinct from the KSPM page (which is rule-based).

Tabs

Lists every connected cluster.

Column	Notes
Name	Cluster identifier.
Cloud	Provider logo. EKS / AKS / GKE / Kapsule / self-hosted.
Region	When applicable.
Version	Kubernetes minor version.
Nodes	Count of nodes.
Pods	Count of running pods.
Issues	Total count of OPEN findings (KSPM + IaC + secrets in cluster + CVEs in pods).
Public	Bullet if the API server is internet-reachable.
CNI	The CNI plugin in use (calico, cilium, etc.).
Status	`healthy`, `degraded`.

Clicking a cluster opens its detail panel with cluster-level configuration, the network topology summary, and a graph slice.

Lists every node across every cluster.

Column	Notes
Node	Hostname.
Cluster	Which cluster the node belongs to.
Cloud / Region	The underlying VM.
Kubelet version	Detected from the node status.
Status	`Ready`, `NotReady`.
Pods	Count of pods scheduled on this node.
OS	Linux distro + kernel.

Useful for correlating an HCR finding (CIS-K8S-4.2.6) back to the specific node.

Lists every Deployment, StatefulSet, DaemonSet, Job, CronJob.

Column	Notes
Name	Workload name.
Cluster / Namespace	Where the workload runs.
Kind	Deployment / StatefulSet / etc.
Cloud	Provider logo.
Replicas	Desired / available.
Issues	OPEN finding count (KSPM + image CVEs).

Clicking a workload opens its detail panel with the spec excerpt and any associated findings.

Each tab has cloud + region filters, plus a free-text name search.

Public API + Issues > 0 is your priority list. Filter clusters by Public: yes and sort by issues.
Workloads with no replicas are dormant deployments worth removing, as they often carry old image CVEs.
Nodes view is the bridge to HCR. A KSPM finding on a Pod can often be traced down to a host-level CIS finding on the underlying node.