Compare commits
8 Commits
dccb53950a
...
40a4cba807
Author | SHA1 | Date |
---|---|---|
Jimmy Mesta | 40a4cba807 | |
Jimmy Mesta | d35db73e71 | |
Jimmy Mesta | 620127296f | |
Jimmy Mesta | 2ccbb8108c | |
Jimmy Mesta | 92e8f5a57f | |
TheDen | 9a218c4cfb | |
gabyf | 5db2250930 | |
ningmingxiao | 08dabe0ec0 |
|
@ -6,15 +6,19 @@ A curated list of awesome Kubernetes security resources. Can you dig it?
|
|||
|
||||
- [aad-pod-identity](https://github.com/Azure/aad-pod-identity/) - Assign Azure AD idenitites to pods in Kubernetes, in order to access Azure resources
|
||||
- [audit2rbac](https://github.com/liggitt/audit2rbac) - Autogenerate RBAC policies based on Kubernetes audit logs
|
||||
- [CDK](https://github.com/cdk-team/CDK) - Zero Dependency Container Penetration Toolkit
|
||||
- [Deepfence ThreatMapper](https://github.com/deepfence/ThreatMapper) - Apache v2, powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless
|
||||
- [cnspec](https://cnspec.io) - Scan Kubernetes clusters, containers, and manifest files for vulnerabilities and misconfigurations
|
||||
- [falco](https://github.com/falcosecurity/falco) - Container Native Runtime Security
|
||||
- [KBOM](https://github.com/ksoclabs/kbom) - Kubernetes Bill of Materials Toolkit
|
||||
- [kdigger](https://github.com/quarkslab/kdigger) - Kubernetes focused container assessment and context discovery tool for penetration testing
|
||||
- [kiam](https://github.com/uswitch/kiam) - Integrate AWS IAM with Kubernetes
|
||||
- [kube-bench](https://github.com/aquasecurity/kube-bench) - Check whether Kubernetes is deployed according to security best practics
|
||||
- [kube-hunter](https://github.com/aquasecurity/kube-hunter) - Hunt for security weaknesses in Kubernetes clusters
|
||||
- [kube-psp-advisor](https://github.com/sysdiglabs/kube-psp-advisor) - Help building an adaptive and fine-grained pod security policy
|
||||
- [kube-scan](https://github.com/octarinesec/kube-scan) - k8s cluster risk assessment tool
|
||||
- [kubescape](https://github.com/kubescape/kubescape) - k8s risk analysis, security compliance, and misconfiguration scanning.
|
||||
- [kubelight - WIP but promising](https://github.com/OWASP/KubeLight) - OWASP project to scan your Kubernetes Cluster for Security & Compliance.
|
||||
- [Kubei](https://github.com/Portshift/kubei) - Vulnerabilities scanner for Kubernetes clusters
|
||||
- [kube2iam](https://github.com/jtblin/kube2iam) - Provide different AWS IAM roles for pods running on Kubernetes
|
||||
- [kubeaudit](https://github.com/Shopify/kubeaudit) - Audit your Kubernetes clusters against common security controls
|
||||
|
@ -25,8 +29,10 @@ A curated list of awesome Kubernetes security resources. Can you dig it?
|
|||
- [OWASP Top Ten for Kubernetes](https://owasp.org/www-project-kubernetes-top-ten/) - The Top Ten is a prioritized list of these risks backed by data collected from organizations varying in maturity and complexity
|
||||
- [terrascan](https://github.com/accurics/terrascan) - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure
|
||||
- [kyverno](https://github.com/nirmata/kyverno) - Kubernetes Native Policy Management
|
||||
- [netchecks](https://github.com/hardbyte/netchecks/) - Tool to validate assumptions about the network
|
||||
- [rakkess](https://github.com/corneliusweig/rakkess) - Review access matrix for Kubernetes server resources
|
||||
- [rback](https://github.com/team-soteria/rback) - RBAC in Kubernetes visualizer
|
||||
- [red-kube](https://github.com/lightspin-tech/red-kube) - K8S Adversary Emulation Based on kubectl
|
||||
- [steampipe](https://github.com/turbot/steampipe) - Use SQL to query your cloud services (AWS, Azure, GCP and more) running Kubernetes
|
||||
- [steampipe-kubernetes](https://github.com/turbot/steampipe-plugin-kubernetes) - Use SQL to query your Kubernetes resources
|
||||
- [steampipe-kubernetes-compliance](https://github.com/turbot/steampipe-mod-kubernetes-compliance) - Kubernetes compliance scanning tool for CIS, NSA & CISA Cybersecurity technical report for Kubernetes hardening.
|
||||
|
|
Loading…
Reference in New Issue