home • source • nvt

Kubernetes Security

Resources

• Kubernetes Security | Operating Kubernetes Clusters and Applications Safely
• freach/kubernetes-security-best-practice: Kubernetes Security - Best Practice Guide

Secrets

• external-secrets/kubernetes-external-secrets: Integrate external secret management systems with Kubernetes
• bitnami-labs/sealed-secrets: A Kubernetes controller and tool for one-way encrypted Secrets

Auditing

• Auditing - Kubernetes
• Kubernetes Audit Logging Tutorial | Benji Visser

RBAC

• Using RBAC Authorization - Kubernetes
• cruise-automation/rbacsync: Automatically sync groups into Kubernetes RBAC
• aquasecurity/kubectl-who-can: Show who has RBAC permissions to perform actions on different resources in Kubernetes

Tools

• deepfence/ThreatMapper: Identify vulnerabilities in running containers, images, hosts and repositories
• aquasecurity/starboard: Kubernetes-native security toolkit
• aquasecurity/kube-hunter: Hunt for security weaknesses in Kubernetes clusters
• aquasecurity/kube-bench: Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark