Krane – Kubernetes RBAC Static Analysis And Visualisation Tool

Krane is a simple Kubernetes RBAC static analysis tool. It identifies potential security risks in K8s RBAC design and makes suggestions on how to mitigate them. Krane dashboard presents current RBAC security posture and lets you navigate through its definition. Features RBAC Risk rules – Krane evaluates a set of built-in RBAC risk rules. TheseRead More

Botkube – An App That Helps You Monitor Your Kubernetes Cluster, Debug Critical Deployments And Gives Recommendations For Standard Practices

For complete documentation visit www.botkube.io BotKube integration with Slack, Mattermost or Microsoft Teams helps you monitor your Kubernetes cluster, debug critical deployments and gives recommendations for standard practices by running checks on the Kubernetes resources. You can also ask BotKube to execute kubectl commands on k8s cluster which helps debugging an application or cluster. HacktoberfestRead More

KubiScan – A Tool To Scan Kubernetes Cluster For Risky Permissions

A tool for scanning Kubernetes cluster for risky permissions in Kubernetes’s Role-based access control (RBAC) authorization model. The tool was published as part of the “Securing Kubernetes Clusters by Eliminating Risky Permissions” research https://www.cyberark.com/threat-research-blog/securing-kubernetes-clusters-by-eliminating-risky-permissions/. Overview KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpfulRead More

Kubestriker – A Blazing Fast Security Auditing Tool For Kubernetes

Kubestriker performs numerous in depth checks on kubernetes infra to identify the security misconfigurations and challenges that devops engineers/developers are likely to encounter when using Kubernetes, especially in production and at scale. kubestriker is Platform agnostic and works equally well across more than one platform such as self hosted kubernetes, Amazon EKS, Azure AKS, GoogleRead More

Kube-Score – Kubernetes Object Analysis With Recommendations For Improved Reliability And Security

kube-score is a tool that performs static code analysis of your Kubernetes object definitions. The output is a list of recommendations of what you can improve to make your application more secure and resilient. You can test kube-score out in the browser with the online demo (source). Installation kube-score is easy to install, and isRead More

Kubei – A Flexible Kubernetes Runtime Scanner

Kubei is a vulnerabilities scanning tool that allows users to get an accurate and immediate risk assessment of their kubernetes clusters. Kubei scans all images that are being used in a Kubernetes cluster, including images of application pods and system pods. It doesn’t scan the entire image registries and doesn’t require preliminary integration with CI/CDRead More

Kubebox – Terminal And Web Console For Kubernetes

Terminal and Web console for Kubernetes Features Configuration from kubeconfig files (KUBECONFIG environment variable or $HOME/.kube) Switch contexts interactively Authentication support (bearer token, basic auth, private key / cert, OAuth, OpenID Connect, Amazon EKS, Google Kubernetes Engine, Digital Ocean) Namespace selection and pods list watching Container log scrolling / watching Container resources usage (memory, CPU,Read More

Permission Manager – A Project That Brings Sanity To Kubernetes RBAC And Users Management, Web UI FTW

Welcome to the Permission Manager!Permission Manager is an application developed by SIGHUP that enables a super-easy and user-friendly RBAC management for Kubernetes. If you are looking for a simple and intuitive way of managing your users within a Kubernetes cluster, this is the right place.With Permission Manager, you can create users, assign namespaces/permissions, and distributeRead More

Kube-Bench – Checks Whether Kubernetes Is Deployed According To Security Best Practices As Defined In The CIS Kubernetes Benchmark

kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark.Tests are configured with YAML files, making this tool easy to update as test specifications evolve.Please Note kube-bench implements the CIS Kubernetes Benchmark as closely as possible. Please raise issues here if kube-bench isRead More

X