Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/m9sweeper/m9sweeper

m9sweeper is a free and easy kubernetes security platform.
https://github.com/m9sweeper/m9sweeper

containers docker falco kube-bench kube-hunter kubernetes kubesec security trivy

Last synced: 28 days ago
JSON representation

m9sweeper is a free and easy kubernetes security platform.

Host: GitHub
URL: https://github.com/m9sweeper/m9sweeper
Owner: m9sweeper
License: apache-2.0
Created: 2022-10-28T15:31:47.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2024-03-22T10:25:57.000Z (3 months ago)
Last Synced: 2024-03-27T19:20:35.714Z (3 months ago)
Topics: containers, docker, falco, kube-bench, kube-hunter, kubernetes, kubesec, security, trivy
Language: TypeScript
Homepage: https://m9sweeper.io/
Size: 23.1 MB
Stars: 215
Watchers: 8
Forks: 20
Open Issues: 13
Metadata Files:
- Readme: README.md
- Contributing: docs/CONTRIBUTING.md
- License: LICENSE
- Codeowners: CODEOWNERS

Lists

awesome-k8s-security - M9sweeper - Kubernetes Security Platform
awesome-kubernetes-threat-detection - m9sweeper - "m9sweeper is a free and easy kubernetes security platform. It integrates industry-standard open source utilities into a one-stop-shop kubernetes security tool that can walk most kubernetes adminstrators through securing a kubernetes cluster as well as the apps running on the cluster." (Tools / Platforms)

README

m9sweeper

Kubernetes Security for Everyone!

View Demo
·
Documentation
·
Report Bug
·
Request Feature

# :notebook_with_decorative_cover: Table of Contents

- [About the Project](#star2-about-the-project)

- [Features in Action](#camera-features-in-action)
- [Features List](#dart-features)
- [Prerequisites](#bangbang-prerequisites)
- [Tool Box](#toolbox-toolbox)
- [Quick Install](#gear-installation)
- [Code of Conduct](#scroll-code-of-conduct)

- [Contributors](#wave-contributing)
- [License](#warning-license)
- [Contact](#handshake-contact)

## :star2: About the Project

m9sweeper is a free and easy kubernetes security platform. It integrates industry standard open source utilities into a one-stop-shop kubernetes security tool that can walk most kubernetes adminstrators through securing a kubernetes cluster as well as the apps running on the cluster.

### :camera: Features in Action

### :dart: Features

m9sweeper makes securing a cluster easy with:

- CVE Scanning
- Enforcement of CVE Scanning Rules
- Reports and Dashboards, including historical reporting to see how your security posture has changed over time
- CIS Security Benchmarking
- Pen Testing
- Deployment Coaching
- Intrusion Detection
- Gatekeeper Policy Management

## :toolbox: Toolbox

m9sweeper makes it easy to orchestrate the implementation of a number of free security tools:

[Trivy](https://github.com/aquasecurity/trivy): CVE Scanner

[Kubesec](https://github.com/controlplaneio/kubesec): Deployment Best Practices

[kube-bench](https://github.com/aquasecurity/kube-bench): CIS Benchmarks

[OPA Gatekeeper](https://github.com/open-policy-agent/gatekeeper): Compliance and Security Policies

[kube-hunter](https://github.com/aquasecurity/kube-hunter): Cluster Penetration Testing

[Project Falco](https://falco.org/): Intrusion Detection

### :bangbang: Prerequisites

This project requires a Kubernetes Cluster and uses helm as package manager

```bash
Installing Kubernetes Locally with Minikube
Mac: Install from terminal
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-darwin-amd64
sudo install minikube-darwin-amd64 /usr/local/bin/minikube

Windows: Install with chocolatey and install a bash client
choco install minikube
choco install git

Both: Start Kubernetes
minikube start --cni calico --kubernetes-version=v1.23.16
kubectl get pods --all-namespaces

More at https://minikube.sigs.k8s.io/docs/start/

```

### :gear: Quick Installation

While our documentation has more details, installing m9sweeper can be as simple
as running a few CLI commands to install it into your own kubernetes cluster
with helm.

helm repo add m9sweeper https://m9sweeper.github.io/m9sweeper && \
helm repo update && \
helm upgrade m9sweeper m9sweeper/m9sweeper --install --wait \
--create-namespace --namespace m9sweeper-system \
--set-string dash.init.superAdminEmail="[email protected]" \
--set-string dash.init.superAdminPassword="password" \
--set-string global.jwtSecret="changeme" \
--set-string global.apiKey="YOUR-API-KEY"

## :wave: Contributing

The initial project was created by team members at Intelletive Consulting at times when projects were slow or to train new members, but we hope others will contribute as well. Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/docs/en/emoji-key)):

_{Jacob Beasley}
💻 📖 🔬 📆 🚇

_jasonWoodman
💻 📖 🔬 📆 🚇

_{Brandan Schmitz}
💻 🚇 📖

_KBerndt10
💻 🚇

_{beckysaunders94}
💻

_{Farhan Tanvir}
💻

_jshoberg
💻

_charisprose
💻 ⚠️

_{Gazi Tarique Mahmud}
💻

_Shibly
💻

_sabbirali
💻

_{Grant Keiner}
💻

_grantoenges
💻

_{Maggie Tian}
💻

_{Rakibul Rushel}
💻

_{Jobayer Ahmed}
💻

_{Steve Gagnon}
💻

_{Khorshed Alam}
💻

_{Koti Vellanki}
💻

_{Sahil Narang}
💻 🚇

_{Shahriya Siddique}
💻

_{Raiyan Prodhan}
💻

_{Kristin Sandness}
💻

_{Samer Sarker}
💻

This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome!

## Feature Requests

If you have feature requests, please submit them as github issues and prefix the request with "Feature Request:". If you find the feature has already been requested, then please upvote that feature so we know it is a feature that others are looking for.

This helps us to prioritize further feature development based upon the needs of our users.

## :warning: License

Distributed under the Apache License v2. See LICENSE.txt for more information.

## :handshake: Contact

Official website - [@official_website](https://m9sweeper.io/)

Project Link: [https://github.com/m9sweeper/m9sweeper](https://github.com/m9sweeper/m9sweeper)