kube-bench
Cluster auditor
Automated security auditing tool for Kubernetes clusters
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
7k stars
106 watching
1k forks
Language: Go
last commit: 5 days ago
Linked from 7 awesome lists
cis-benchmarkcis-kubernetes-benchmarkcis-securityhacktoberfestkube-benchkuberneteskubernetes-securityopenshift
tomhuang12/awesome-k8s-resources
rootsongjc/awesome-cloud-native
teamssix/awesome-cloud-security
funkmyster/awesome-cloud-security
jatrost/awesome-kubernetes-threat-detection
shospodarets/awesome-platform-engineering
metarget/awesome-cloud-native-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
| aquasecurity/kube-hunter | Detects security weaknesses in Kubernetes clusters to increase awareness and visibility of potential vulnerabilities. | 4,765 |
 zegl/kube-score | Analyzes Kubernetes object definitions for security and reliability issues and provides recommendations for improvement. | 2,788 |
 kubescape/kubescape | A platform that analyzes and secures Kubernetes environments throughout the development and deployment lifecycle | 10,252 |
 pulumi/kubespy | Provides real-time monitoring and analysis of Kubernetes resources | 2,888 |
 stackrox/kube-linter | Analyze Kubernetes YAML files and Helm charts to ensure they adhere to best practices. | 2,970 |
 cloudnativelabs/kube-router | A turnkey solution for Kubernetes networking providing operational simplicity and high performance through IPVS/LVS based service proxy, pod networking with BGP protocol, network policy controller using ipsets and iptables. | 2,322 |
 vmware-tanzu/kubeapps | An in-cluster web-based application for deploying and managing applications on Kubernetes clusters | 4,996 |
 madhuakula/kubernetes-goat | An interactive hands-on playground to learn and practice Kubernetes security using intentionally introduced vulnerabilities | 4,421 |
| aquasecurity/kubectl-who-can | An tool to show who has permissions to perform actions on Kubernetes resources | 848 |
| aquasecurity/trivy | Automatically scans software projects for vulnerabilities and misconfigurations to ensure security and compliance. | 23,786 |
 doitintl/kube-no-trouble | Tools to detect deprecated Kubernetes APIs in clusters | 3,195 |
 kubernetes/kube-state-metrics | Generates metrics about the state of Kubernetes objects without modifying the API | 5,432 |
 kubernetes-sigs/kubespray | Automates deployment of production-ready Kubernetes clusters across multiple cloud and bare-metal environments. | 16,180 |
 yokawasa/action-setup-kube-tools | An action that downloads and sets up multiple Kubernetes tools asynchronously | 77 |
| kubernetes/kubeadm | An aggregator for issues related to creating and managing Kubernetes clusters using the kubeadm tool | 3,760 |