kube-bench is a tool that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark. Trivy, the all-in-one cloud-native security scanner, can be deployed as a Kubernetes Operator inside a cluster. Both, the Trivy CLI, and the Trivy Operator support CIS Kubernetes Benchmark scanning among several other features. There are multiple ways to run kube-bench. You can run kube-bench inside a pod, but it will need access to the host's PID namespace in order to check the running processes, as well as access to some directories on the host where config files and other files are stored.

Features

  • The supplied job.yaml file can be applied to run the tests as a job
  • Documentation available
  • Examples available
  • CIS Scanning as part of Trivy and the Trivy Operator
  • Tests are configured with YAML files
  • Checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark

Project Samples

kube-bench Screenshot 1

Project Activity

See All Activity >

Categories

Deployment

License

Apache License V2.0

Follow kube-bench

kube-bench Web Site

Other Useful Business Software
Build Securely on Azure with Proven Frameworks Icon
Build Securely on Azure with Proven Frameworks

Lay a foundation for success with Tested Reference Architectures developed by Fortinet’s experts. Learn more in this white paper.

Moving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
Download Now
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of kube-bench!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Go

Related Categories

Go Deployment Tool

Registered

2024-03-01
Report inappropriate content