Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/m9sweeper/m9sweeper
m9sweeper is a free and easy kubernetes security platform.
https://github.com/m9sweeper/m9sweeper
containers docker falco kube-bench kube-hunter kubernetes kubesec security trivy
Last synced: 28 days ago
JSON representation
m9sweeper is a free and easy kubernetes security platform.
- Host: GitHub
- URL: https://github.com/m9sweeper/m9sweeper
- Owner: m9sweeper
- License: apache-2.0
- Created: 2022-10-28T15:31:47.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-03-22T10:25:57.000Z (3 months ago)
- Last Synced: 2024-03-27T19:20:35.714Z (3 months ago)
- Topics: containers, docker, falco, kube-bench, kube-hunter, kubernetes, kubesec, security, trivy
- Language: TypeScript
- Homepage: https://m9sweeper.io/
- Size: 23.1 MB
- Stars: 215
- Watchers: 8
- Forks: 20
- Open Issues: 13
-
Metadata Files:
- Readme: README.md
- Contributing: docs/CONTRIBUTING.md
- License: LICENSE
- Codeowners: CODEOWNERS
Lists
- awesome-k8s-security - M9sweeper - Kubernetes Security Platform
- awesome-kubernetes-threat-detection - m9sweeper - "m9sweeper is a free and easy kubernetes security platform. It integrates industry-standard open source utilities into a one-stop-shop kubernetes security tool that can walk most kubernetes adminstrators through securing a kubernetes cluster as well as the apps running on the cluster." (Tools / Platforms)
README
m9sweeper
Kubernetes Security for Everyone!
View Demo
ยท
Documentation
ยท
Report Bug
ยท
Request Feature
# :notebook_with_decorative_cover: Table of Contents
- [About the Project](#star2-about-the-project)
- [Features in Action](#camera-features-in-action)
- [Features List](#dart-features)
- [Prerequisites](#bangbang-prerequisites)
- [Tool Box](#toolbox-toolbox)
- [Quick Install](#gear-installation)
- [Code of Conduct](#scroll-code-of-conduct)- [Contributors](#wave-contributing)
- [License](#warning-license)
- [Contact](#handshake-contact)## :star2: About the Project
m9sweeper is a free and easy kubernetes security platform. It integrates industry standard open source utilities into a one-stop-shop kubernetes security tool that can walk most kubernetes adminstrators through securing a kubernetes cluster as well as the apps running on the cluster.
### :camera: Features in Action
### :dart: Features
m9sweeper makes securing a cluster easy with:
- CVE Scanning
- Enforcement of CVE Scanning Rules
- Reports and Dashboards, including historical reporting to see how your security posture has changed over time
- CIS Security Benchmarking
- Pen Testing
- Deployment Coaching
- Intrusion Detection
- Gatekeeper Policy Management## :toolbox: Toolbox
m9sweeper makes it easy to orchestrate the implementation of a number of free security tools:
[Trivy](https://github.com/aquasecurity/trivy): CVE Scanner
[Kubesec](https://github.com/controlplaneio/kubesec): Deployment Best Practices
[kube-bench](https://github.com/aquasecurity/kube-bench): CIS Benchmarks
[OPA Gatekeeper](https://github.com/open-policy-agent/gatekeeper): Compliance and Security Policies
[kube-hunter](https://github.com/aquasecurity/kube-hunter): Cluster Penetration Testing
[Project Falco](https://falco.org/): Intrusion Detection
### :bangbang: Prerequisites
This project requires a Kubernetes Cluster and uses helm as package manager
```bash
Installing Kubernetes Locally with Minikube
Mac: Install from terminal
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-darwin-amd64
sudo install minikube-darwin-amd64 /usr/local/bin/minikubeWindows: Install with chocolatey and install a bash client
choco install minikube
choco install gitBoth: Start Kubernetes
minikube start --cni calico --kubernetes-version=v1.23.16
kubectl get pods --all-namespacesMore at https://minikube.sigs.k8s.io/docs/start/
```
### :gear: Quick Installation
While our documentation has more details, installing m9sweeper can be as simple
as running a few CLI commands to install it into your own kubernetes cluster
with helm.helm repo add m9sweeper https://m9sweeper.github.io/m9sweeper && \
helm repo update && \
helm upgrade m9sweeper m9sweeper/m9sweeper --install --wait \
--create-namespace --namespace m9sweeper-system \
--set-string dash.init.superAdminEmail="[email protected]" \
--set-string dash.init.superAdminPassword="password" \
--set-string global.jwtSecret="changeme" \
--set-string global.apiKey="YOUR-API-KEY"## :wave: Contributing
The initial project was created by team members at Intelletive Consulting at times when projects were slow or to train new members, but we hope others will contribute as well. Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/docs/en/emoji-key)):
Jacob Beasley
๐ป ๐ ๐ฌ ๐ ๐
jasonWoodman
๐ป ๐ ๐ฌ ๐ ๐
Brandan Schmitz
๐ป ๐ ๐
KBerndt10
๐ป ๐
beckysaunders94
๐ป
Farhan Tanvir
๐ป
jshoberg
๐ป
charisprose
๐ป โ ๏ธ
Gazi Tarique Mahmud
๐ป
Shibly
๐ป
sabbirali
๐ป
Grant Keiner
๐ป
grantoenges
๐ป
Maggie Tian
๐ป
Rakibul Rushel
๐ป
Jobayer Ahmed
๐ป
Steve Gagnon
๐ป
Khorshed Alam
๐ป
Koti Vellanki
๐ป
Sahil Narang
๐ป ๐
Shahriya Siddique
๐ป
Raiyan Prodhan
๐ป
Kristin Sandness
๐ป
Samer Sarker
๐ป
This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome!
## Feature Requests
If you have feature requests, please submit them as github issues and prefix the request with "Feature Request:". If you find the feature has already been requested, then please upvote that feature so we know it is a feature that others are looking for.
This helps us to prioritize further feature development based upon the needs of our users.
## :warning: License
Distributed under the Apache License v2. See LICENSE.txt for more information.
## :handshake: Contact
Official website - [@official_website](https://m9sweeper.io/)
Project Link: [https://github.com/m9sweeper/m9sweeper](https://github.com/m9sweeper/m9sweeper)