Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-kubernetes-security
A curated list of awesome Kubernetes security resources
https://github.com/ksoclabs/awesome-kubernetes-security
Last synced: 2 days ago
JSON representation
-
Open Source Projects
- cnspec - Scan Kubernetes clusters, containers, and manifest files for vulnerabilities and misconfigurations
- OWASP Top Ten for Kubernetes - The Top Ten is a prioritized list of these risks backed by data collected from organizations varying in maturity and complexity
- terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure
- aad-pod-identity - Assign Azure AD idenitites to pods in Kubernetes, in order to access Azure resources
- audit2rbac - Autogenerate RBAC policies based on Kubernetes audit logs
- CDK - Zero Dependency Container Penetration Toolkit
- Deepfence ThreatMapper - Apache v2, powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless
- falco - Container Native Runtime Security
- KBOM - Kubernetes Bill of Materials Toolkit
- kdigger - Kubernetes focused container assessment and context discovery tool for penetration testing
- kiam - Integrate AWS IAM with Kubernetes
- kube-bench - Check whether Kubernetes is deployed according to security best practics
- kube-hunter - Hunt for security weaknesses in Kubernetes clusters
- kube-psp-advisor - Help building an adaptive and fine-grained pod security policy
- kube-scan - k8s cluster risk assessment tool
- kubescape - k8s risk analysis, security compliance, and misconfiguration scanning.
- kubelight - WIP but promising - OWASP project to scan your Kubernetes Cluster for Security & Compliance.
- kube2iam - Provide different AWS IAM roles for pods running on Kubernetes
- kubeaudit - Audit your Kubernetes clusters against common security controls
- kubectl-dig - Deep Kubernetes visibility from the kubectl
- kubectl-who-can - Show who has permissions to \<verb\> \<resource\> in Kubernetes
- kyverno - Kubernetes Native Policy Management
- netchecks - Tool to validate assumptions about the network
- rakkess - Review access matrix for Kubernetes server resources
- rback - RBAC in Kubernetes visualizer
- red-kube - K8S Adversary Emulation Based on kubectl
- steampipe - Use SQL to query your cloud services (AWS, Azure, GCP and more) running Kubernetes
- steampipe-kubernetes - Use SQL to query your Kubernetes resources
- steampipe-kubernetes-compliance - Kubernetes compliance scanning tool for CIS, NSA & CISA Cybersecurity technical report for Kubernetes hardening.
- trivy - A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
- trivy-operator - Kubernetes-native security (Vulnerabilities,IaC MisConfig,Exposed Secrets,RBAC Assessment,Compliance and more) toolkit for kubernetes
- kubernetes-rbac-audit - Tool for auditing RBACs in Kubernetes
- kubernetes-external-secrets - Tool to get External Secrets from Hashicorp Vault and AWS SSM
- vault-secrets-operator - An operator to create Kubernetes secrets from Vault for a secure GitOps based workflow
- Kubei - Vulnerabilities scanner for Kubernetes clusters
-
General Resources
- Kubernetes Security and Disclosure Information
- Kubernetes Security
- OWASP Kubernetes Security Cheatsheet
- Securing Kubernetes Clusters
- Kubernetes Security : 6 Best Practices for 4C Security Model
- CKS Certified Kubernetes Security Specialist resources repo
- Kubernetes Security Checklist and Requirements
- GKE Security Bulletins
-
Twitter Accounts
- Ann N Wallace
- Annabelle Bertucio
- Brad Geessaman
- Duffie Cooley
- Erik St. Martin
- Greg Castle
- Ian Coldwater
- Jimmy Mesta
- Jordan Liggitt
- learnk8s
- Liz Rice
- Andrew Martin
- Mark Manning
- Maya Kaczorowski
- Michael Ducy
- Michael Hausenblas
- Peter Benjamin
- Rory McCune
- Tabitha Sable
- Tim Allclair
- Timothy St. Clair
- Sangam Biradar
Programming Languages
Sub Categories
Keywords
kubernetes
28
security
13
security-tools
6
devsecops
6
containers
6
kubernetes-security
6
cloud-native
6
k8s
5
vulnerability-detection
4
devops
4
rbac
4
aws
3
golang
3
vulnerabilities
3
compliance
3
steampipe
3
docker
3
container-security
3
vulnerability-scanners
3
azure
2
zero-etl
2
falco
2
kubernetes-api
2
kubectl
2
sqlite
2
observability
2
kube-bench
2
audit
2
postgresql-fdw
2
cspm
2
misconfiguration
2
authorization
2
openshift
2
cnapp
2
postgresql
2
mitre-attack
2
kubectl-plugins
2
cloud-native-security
2
nsa
2
vault
2
scanner
2
cis
2
sbom
2
etl
2
vulnerability-management
2
runtime-security
1
ebpf
1
pentest
1
tool
1
aws-iam
1