The Essential Cloud Security Controls (ECSC) ruleset is a set of cloud security controls designed to help security teams prioritize their efforts and improve their security posture. The ECSC v2 includes an updated list of detections for each major cloud provider, including AWS, Azure, and Google Cloud, as well as support for Kubernetes. This allows cloud security teams to quickly identify which clusters they defend are at risk and work to remediate them. The ruleset is based on industry best practices, the risk of significant impact, and their potential to have prevented a known breach. It includes controls such as restricting public access to S3 buckets, disabling FTP deployments, and using secure authentication methods for Kubernetes API servers. The ECSC v2 also introduces support for Kubernetes, allowing cloud security teams to identify and remediate vulnerabilities in their containerized applications.