Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-k8s-security
A curated list for Awesome Kubernetes Security resources
https://github.com/magnologan/awesome-k8s-security
- Kubernetes in 5 mins
- Kubernetes Concepts Explained in 9 minutes!
- Kubernetes 101
- Kubernetes: Getting Started
- Kubernetes The Hard Way - Kelsey Hightower
- Kubernetes Challenge
- Kubernetes de K a S - Erlon Pinheiro
- Kubernetes Training
- Introduction to Kubernetes
- Kube Academy
- Game of Pods (KodeKloud)
- Gist of Kubernetes Resources
- Uncomplicating Kubernetes (Jeferson Noronha aka LinuxTips)
- Kubernetes Security Checklist and Requirements
- Kubernetes.io
- Kubernetes GitHub
- Kubernetes Security and Disclosure Information
- Cloud Native Security
- Pod Security Standards
- CNCF STAG - Security Technical Advisory Group
- CNCF STAG Meeting Notes
- CNCF STAG Mailing List
- Kubernetes SIG Security
- Kubernetes SIG Security Meeting Notes
- Kubernetes SIG Auth (Authorization, Authentication, and Cluster Security Policy)
- Kubernetes Security Audit 2019 Results
- Kubernetes Security Audit 2021 RFP
- Compromising Kubernetes Cluster by Exploiting RBAC Permissions - Eviatar Gerzi, CyberArk (RSA 2020)
- Kubernetes Deconstructed: Understanding Kubernetes by Breaking It Down - Carson Anderson, DOMO
- Kubernetes Deconstructed: Understanding Kubernetes by Breaking It Down - Carson Anderson, DOMO (Extended Version)
- Advanced Persistence Threats: The Future of Kubernetes Attacks (RSAC 2020)
- Kubernetes Security Best Practices - Ian Lewis, Google
- Securing Kubernetes Secrets (Cloud Next '19)
- Jay Beale - Attacking and Defending Kubernetes - DEF CON 27 Packet Hacking Village
- The State of Kubernetes Security - Liz Rice
- DIY Pen-Testing for Your Kubernetes Cluster - Liz Rice, Aqua Security
- Kubernetes Security 101: Best Practices to Secure your Cluster
- Kubernetes Security 101: OWASP Natal Virtual Meeting
- Rory's McCune **@raesene** Kubernetes Security Lab | Rawkode Live workshop
- Cloud native security for your clusters
- Container Security: Examining Potential Threats to the Container Environment
- Kubernetes securityContext: Linux capabilities in Kubernetes
- 10 Kubernetes Security Context settings you should understand
- Kubesploit: A New Offensive Tool for Testing Containerized Environments
- Securing Kubernetes Clusters by Eliminating Risky Permissions
- Using Kubelet Client to Attack the Kubernetes Cluster
- Eight Ways to Create a Pod
- Risk8s Business: Risk Analysis of Kubernetes Clusters
- How to Set Up and Manage Logs with Kubernetes
- The Current State of Kubernetes Threat Modelling
- Hildegard: New TeamTNT Cryptojacking Malware Targeting Kubernetes
- The Basics of Keeping Kubernetes Clusters Secure
- The Basics of Keeping Kubernetes Cluster Secure: Worker Nodes and Related Components
- How to Secure Your Kubernetes Cluster
- Kubernetes Security 101: Best Practices To Secure Your Cluster
- Kubernetes Security
- Introducing Kubernetes Goat
- Threat Matrix for Kubernetes
- Open Sourcing the Kubernetes Security Audit
- Amazon EKS Best Practices Guide for Security
- Protecting Kubernetes: The Kubernetes Attack Matrix and How to Mitigate Its Threats
- Securing the 4Cs of Cloud Native
- CVE-2018-18264 Privilege escalation through Kubernetes dashboard
- Certified Kubernetes Security Specialist (CKS) exam guide
- A Deep Dive Into Kubernetes Schema Validation
- A Beginner-Friendly Introduction to Kubernetes
- Managing Kubernetes without losing your cool
- Kubernetes: Detailed security assessment guidelines and necessary checklist
- Hacking Kubernetes by Andrew Martin, Michael Hausenblas
- Learn Kubernetes Security by Kaizhe Huang and Pranjal Jumde
- Kubernetes Security by Liz Rice and Michael Hausenblas
- Container Security by Liz Rice
- Kubernetes: Up and Running, Second Edition by Brendan Burns, Joe Beda and Kelsey Hightower
- The Kubernetes Book by Nigel Poulton and Pushkar Joglekar
- Kubernetes Patterns: Reusable Elements for Designing Cloud-Native Applications by Bilgin Ibryam & Roland Huß
- Securing Kubernetes Secrets by Alex Soto Bueno and Andrew Block
- Kubernetes in Action, Second Edition by Marko Lukša
- Google Anthos by Antonio Gulli et al.
- Kubernetes for Developers by William Denniss
- Kubernetes on Windows by Jay Vyas and James Sturtevant
- Core Kubernetes by Chris Love
- Kubernetes Security with M9sweeper
- CKAD
- CKA
- Certified Kubernetes Administrator (CKA) Course
- CKS
- Certified Kubernetes Security Specialist (CKS)
- CKSS-Certified-Kubernetes-Security-Specialist
- Certified Kubernetes Security Specialist Study Guide
- References for CKS Exam Objectives
- Exploring container security: Vulnerability management in open-source Kubernetes
- CVE-2018-18264 - Kubernetes Dashboard bypass authentication
- CVE-2019-11247 - kube-apiserver mistakenly allows access to a cluster-scoped custom resource
- CVE-2019-11249 - kubectl cp command tar exploit
- CVE-2020-8558 PoC - kube-proxy unexpectedly makes localhost-bound host services available to others on the network
- CVE-2020-8559 PoC - kube-apiserver vulnerable to an unvalidated redirect on proxied upgrade requests
- CVE-2020-8559 PoC 2 - kube-apiserver vulnerable to an unvalidated redirect on proxied upgrade requests
- CVE-2020-10749 PoC - malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks
- CVE-2021-25735 - kube-apiserver allow node updates to bypass a Validating Admission Webhook
- CVE-2021-25737 - user may be able to redirect pod traffic to private networks on a node
- CVE-2021-25740 - enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack
- CVE-2021-25741 - user may be able to create a container with subpath volume mounts to access files & directories outside of the volume
- CVE-2021-30465 - runc container filesystem breakout via directory traversal
- Communication is Key - Understanding Kubernetes Networking (KubeCon EU 2020)
- Seccomp Profiles and you: A practical guide (KubeCon EU 2020)
- Advanced Persistence Threats: The Future of Kubernetes Attacks (KubeCon EU 2020)
- Help! My Cluster Is On The Internet!
- Secure Kubernetes
- Cloud Native Security Tutorial
- Kubernetes Security (Advanced Concepts)
- Kubernetes Goat Guide
- Katacoda Kubernetes Goat Videos
- Attacking and Auditing Docker Containers and Kubernetes Clusters
- A Cloud Guru Kubernetes Security
- SANS Cloud-Native Security Defending Containers and Kubernetes
- Tutorial: Getting Started With Cloud-Native Security - KubeCon EU 2020 - Liz Rice & Michael Hausenblas
- Control Plane Security Training
- Kubernetes CKS Exam Simulator
- Kubernetes Security Workshop
- Linux Academy - Kubernetes Security
- Mumshad's KodeCloud Certified kubernetes security specialist **cks**
- kubectl
- krew
- Bust-a-Kube
- kube-goat
- Kubernetes Goat
- Kubernetes Networking Labs for KubeCon EU 2020 Talk
- CNCF Security Audits
- Kube Security Lab: Learn from Kuberenetes attacks using Ansible and KinD
- kdigger
- kube-hunter
- kubeletctl
- kubesploit
- Peirates
- KubeArmor - Cloud-native runtime protection
- Kubescape - Kubernetes is deployed securely according to NSA-CISA and the MITRE ATT&CK® frameworks
- KubiScan
- Kubernetes Audit by Trail of Bits
- kubeaudit
- Deepfence ThreatMapper
- falco
- kubesec
- kube-bench
- trivy
- MKIT
- kubetap
- kube-forensics
- k8s-security-dashboard
- CIS Kubernetes Benchmark - InSpec Profile
- Kube PodSecurityPolicy Advisor
- Inspektor Gadget
- Starboard
- Advocacy Site for Kubernetes RBAC
- Helm-Snyk
- Krane
- rakkess
- kubectl-who-can
- Kubernetes Security - Best Practice Guide
- External Secrets
- kubescape
- KubeLinter
- Open Policy Agent
- Gatekeeper
- Kyverno
- Kubewarden
- KICS - Keeping Infrastructure as Code Secure
- cnspec - cloud-native security and policy project
- M9sweeper - Kubernetes Security Platform
- Kubernetes Security Assessment - Final Report - May 2019
- Kubernetes Security Whitepaper - June 2019
- Kubernetes Threat Model - June 2019
- Kubernetes Attack Tree
- Attacking Kubernetes - A Guide for Administrators and Penetration Testers
- CIS Kubernetes Benchmark
- Kubernetes é seguro por default ou à prova de má configuração?
- TGI Kubernetes
- The Podlets
- Kubecast
- Kubernetes Podcast (from Google)
- PodCTL - Enterprise Kubernetes
- Kubernetes Slack
- CNCF Slack
- Kubernetes Canada Slack
- kubelist
- LWKD
- Kube Careers
- AKS
- EKS
- GKE
- Docker Swarm
- Apache Mesos
- HashiCorp Nomad
- Red Hat Openshift
- kubepwn
- awesome-kubernetes-security
- awesome-kubernetes
- awesome-istio
- awesome-falco
- awesome-cloud-native
- awesome-opa
Programming Languages
Keywords
kubernetes
37
security
21
containers
10
kubernetes-security
8
cloud-native
7
security-tools
7
golang
6
cncf
6
rbac
5
devops
5
devsecops
5
k8s
5
falco
4
awesome-list
4
vulnerability-detection
4
docker
4
kube-bench
3
open-policy-agent
3
policy
3
vulnerability-scanners
3
kubectl
3
authorization
3
container-security
3
awesome
3
certification
3
cks
3
ckss
3
infrastructure-as-code
2
rbac-management
2
azure
2
tool
2
cloudsecurity
2
iac
2
audit
2
aws
2
vulnerability
2
static-analysis
2
kubectl-plugins
2
best-practice
2
vulnerabilities
2
kube-hunter
2
hardening
2
mitre-attack
2
go
2
access-control
2
trivy
2
opa
2
ebpf
2
redteam-tools
1
client
1