kube-bench
Cluster auditor
Automated security auditing tool for Kubernetes clusters
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
7k stars
107 watching
1k forks
Language: Go
last commit: about 1 month ago
Linked from 7 awesome lists
cis-benchmarkcis-kubernetes-benchmarkcis-securityhacktoberfestkube-benchkuberneteskubernetes-securityopenshift
tomhuang12/awesome-k8s-resources
rootsongjc/awesome-cloud-native
teamssix/awesome-cloud-security
funkmyster/awesome-cloud-security
jatrost/awesome-kubernetes-threat-detection
shospodarets/awesome-platform-engineering
metarget/awesome-cloud-native-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
| aquasecurity/kube-hunter | Detects security weaknesses in Kubernetes clusters to increase awareness and visibility of potential vulnerabilities. | 4,774 |
 zegl/kube-score | Analyzes Kubernetes object definitions for security and reliability issues and provides recommendations for improvement. | 2,813 |
 kubescape/kubescape | A platform that analyzes and secures Kubernetes environments throughout the development and deployment lifecycle | 10,292 |
 pulumi/kubespy | Provides real-time monitoring and analysis of Kubernetes resources | 2,896 |
 stackrox/kube-linter | Analyze Kubernetes YAML files and Helm charts to ensure they adhere to best practices. | 3,001 |
 cloudnativelabs/kube-router | A turnkey solution for Kubernetes networking providing operational simplicity and high performance through IPVS/LVS based service proxy, pod networking with BGP protocol, network policy controller using ipsets and iptables. | 2,332 |
 vmware-tanzu/kubeapps | An in-cluster web-based application for deploying and managing applications on Kubernetes clusters | 5,002 |
 madhuakula/kubernetes-goat | An interactive hands-on playground to learn and practice Kubernetes security using intentionally introduced vulnerabilities | 4,542 |
| aquasecurity/kubectl-who-can | An tool to show who has permissions to perform actions on Kubernetes resources | 850 |
| aquasecurity/trivy | A comprehensive security scanner that identifies vulnerabilities and misconfigurations in various targets such as containers, code repositories, and infrastructure | 24,010 |
 doitintl/kube-no-trouble | Tools to detect deprecated Kubernetes APIs in clusters | 3,227 |
 kubernetes/kube-state-metrics | Generates metrics about the state of Kubernetes objects without modifying the API | 5,484 |
 kubernetes-sigs/kubespray | Automates deployment and management of Kubernetes clusters on various infrastructure providers. | 16,297 |
 yokawasa/action-setup-kube-tools | An action that downloads and sets up multiple Kubernetes tools asynchronously | 78 |
| kubernetes/kubeadm | An aggregator for issues related to creating and managing Kubernetes clusters using the kubeadm tool | 3,775 |