Download
kube-bench is a tool that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark. Trivy, the all-in-one cloud-native security scanner, can be deployed as a Kubernetes Operator inside a cluster. Both, the Trivy CLI, and the Trivy Operator support CIS Kubernetes Benchmark scanning among several other features. There are multiple ways to run kube-bench. You can run kube-bench inside a pod, but it will need access to the host's PID namespace in order to check the running processes, as well as access to some directories on the host where config files and other files are stored.
Features
- The supplied job.yaml file can be applied to run the tests as a job
- Documentation available
- Examples available
- CIS Scanning as part of Trivy and the Trivy Operator
- Tests are configured with YAML files
- Checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark
Project Samples
Categories
DeploymentLicense
Apache License V2.0Follow kube-bench
Other Useful Business Software
99.99% Uptime for MySQL and PostgreSQL on Google Cloud
Cloud SQL Enterprise Plus gives you a 99.99% availability SLA with near-zero downtime maintenance—typically under 10 seconds. Get 2x better read/write performance, intelligent data caching, and 35 days of point-in-time recovery. Supports MySQL, PostgreSQL, and SQL Server with built-in vector search for gen AI apps. New customers get $300 in free credit.
Rate This Project
Login To Rate This Project
User Reviews
Be the first to post a review of kube-bench!
