What this feature gives you
- Trace namespace and cluster-level escalation paths from service accounts
- Understand cluster-to-cloud trust bridges through OIDC federation
- Simulate RBAC hardening changes to avoid workload breakage
Feature: Kubernetes
Kubernetes machine identity visibility beyond RBAC tables
Correlate service accounts, tokens, roles, and bindings with cloud federation context to find exploitable privilege paths.
Expected outcomes
- Lower RBAC drift and accidental privilege growth
- Safer service account governance in production clusters
- Faster root-cause analysis during identity incidents