aquasecurity / kube-bench
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
β7,367Updated this week
Alternatives and similar repositories for kube-bench:
Users that are interested in kube-bench are comparing it to the libraries listed below
- Hunt for security weaknesses in Kubernetes clustersβ4,845Updated last year
- π A Kubernetes cluster resource sanitizerβ5,537Updated last week
- Validation of best practices in your Kubernetes clustersβ3,235Updated this week
- π Gatekeeper - Policy Controller for Kubernetesβ3,847Updated this week
- Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in β¦β2,878Updated last week
- π¦ Find and install kubectl pluginsβ6,581Updated last month
- Backup and migrate Kubernetes applications and their persistent volumesβ9,126Updated this week
- Cloud Native Runtime Securityβ7,796Updated last week
- Write tests against structured configuration data using the Open Policy Agent Rego query languageβ2,945Updated last week
- KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhβ¦β3,137Updated last week
- Superseded by https://github.com/aquasecurity/trivy-operatorβ1,366Updated last month
- Vulnerability Static Analysis for Containersβ10,579Updated last week
- Kubectl plugin to ease sniffing on kubernetes pods using tcpdump and wiresharkβ3,302Updated 8 months ago
- Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Servicesβ8,073Updated last week
- A Kubernetes controller and tool for one-way encrypted Secretsβ8,101Updated last week
- Sonobuoy is a diagnostic tool that makes it easier to understand the state of a Kubernetes cluster by running a set of Kubernetes conformβ¦β2,952Updated last month
- kubectl plugin to browse Kubernetes object hierarchies as a tree π (star the repo if you are using)β3,113Updated 4 months ago
- Tfsec is now part of Trivyβ6,805Updated 2 months ago
- Cost monitoring for Kubernetes workloads and cloud costsβ5,685Updated this week
- A service that analyzes docker images and scans for vulnerabilitiesβ1,587Updated 2 years ago
- Tools for observing Kubernetes resources in real time, powered by Pulumi.β2,921Updated 11 months ago
- Get your resource requests "Just Right"β2,757Updated last month
- Validate your Kubernetes configuration files, supports multiple Kubernetes versionsβ3,193Updated last year
- Kubernetes Security - Best Practice Guideβ2,706Updated 5 years ago
- A helm plugin that shows a diff explaining what a helm upgrade would changeβ2,937Updated this week
- Cloud Native Policy Managementβ6,226Updated this week
- Hubble - Network, Service & Security Observability for Kubernetes using eBPFβ3,731Updated last week
- Example recipes for Kubernetes Network Policies that you can just copy pasteβ5,901Updated 2 months ago
- Descheduler for Kubernetesβ4,782Updated this week
- Kubernetes Reboot Daemonβ2,275Updated last week