CISO Security KitCloudAI CISO

Kubernetes Audit Logs

K8s control-plane audit log hunting for exec into pods, service-account token abuse, and privileged workload creation.

What this skill does

Kubernetes Audit Logs is a versioned playbook inside the CISO Security Kit. It runs on the AI CISO agent through the Procux skill runtime, producing structured, auditable output suitable for executive review and regulator submission.

Kit: CISO Security Kit
Category: Cloud
Primary agent(s): AI CISO
Tags: cloud, kubernetes, audit, container

How to use it

Sign in to your Procux workspace and open the platform dashboard.
Pick the AI CISO agent, then pick Kubernetes Audit Logs from the CISO Security Kit catalog.
Provide the required inputs (repo, document, endpoint, jurisdiction) — the agent runs the playbook and returns a structured report.
Review, iterate, or export (PDF / JSON / Markdown) as part of your internal review cycle.

Related skills

API Gateway Access Analysis
Review API gateway authentication, rate limits, throttling, and access logs across AWS, Azure, and GCP providers.
AWS CloudTrail Threat Hunting
Detection hunts over CloudTrail management + data events: privilege escalation, impossible travel, key exfiltration.
Azure Activity Log Analysis
Azure control-plane activity log review for suspicious RBAC changes, resource tampering, and diagnostic drift.

← Back to full catalog