Launch the Carbon Black Cloud shortcut on your desktop as shown. You will be re-directed to the login page.

Login using the credentials listed in Demo Credentials.txt file located on your desktop.

• Username:  (listed in text file Demo Credentials.txt on the VMware Tanzu desktop)
• Password:  (listed in text file Demo Credentials.txt on the VMware Tanzu desktop)

The Carbon Black Cloud dashboard provides a high-level overview of your environment and enables you to quickly navigate to items of interest. You can customize the dashboard tiles and display data for specific time periods and policies.

Navigate to Inventory > Clusters to review current cluster management.

CBC Inventory provides Security teams with unified  insights across Endpoints, Workloads and Containers. Security teams are  able to view all protected and active clusters running within their  enterprise.

Expand the > under Actions column to view cluster details.

To assess K8s Workloads running within your environment navigate to Inventory > Workloads.

K8s Workloads monitor and provide information for each workload. You can view risk severity, if a workload is covered by K8s runtime and hardening policies, and if  there are any policy violations or enforcements. This helps remediate risks and fix  issues at a workload level in your K8s environment.

To understand your current state of you K8 Workloads navigate to Harden > K8s Health

Kubernetes Health Overview: Provides a single pane  of glass for complete visibility into your security posture across k8s  clusters and namespaces, including visibility into rules violations and  configurations. The K8s Health page shows the current state of your  Kubernetes environment and a summary on potential vulnerabilities. The  vulnerabilities are split into five categories: Workloads, Network,  Operations, Volume and Container Images.

• Workloads group built-in rules which identify settings that may expose your deployment to attack.
• Network groups built-in rules which identify Ingress services (read more for Ingress) in use in your deployment.
• Operations group built-in rules which identify performance and utilization of workloads.
• Volume groups built-in rules which identify access to data within your deployment.
• Container Images groups built-in rules which identify issues and vulnerabilities within your container images.

Next, let's switch the Tab from Overview to Risks. For more details on a particular risk, highlight it by clicking on the right hand arrow '>'

Kubernetes Health Risks: The K8s Health page  displays identified risks and associated workloads after setting up your  Kubernetes clusters. Reduce risks in your K8s environment and create  policies to enforce Alert or Block actions in the future if any rule  validation fails. The K8s Health page will reflect all changes in your  environment once you have taken action to resolve any potential  vulnerabilities. Risk is defined by KCCSS which scores risk based on:

• Confidentiality: Exposure of PII (Personally Identifiable Information), potential access to secrets, PII, etc.
• Integrity: Unwanted changes to the container, host  or cluster such as being able to change the runtime behavior, launch new  processes, new pods, etc.
• Availability: Exhaustion of resources, Denial of Service, etc.