Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/OWASP/KubeLight

OWASP Kubernetes security and compliance tool [WIP]
https://github.com/OWASP/KubeLight

cis compliance containers cve-scanning devsecops docker kubernetes kubernetes-security nsa owasp pci-dss python sbom scanner security security-tools vulnerability-management

Last synced: about 1 month ago
JSON representation

OWASP Kubernetes security and compliance tool [WIP]

Awesome Lists containing this project

README 

        


  KubeLight Logo




[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/owasp/kubelight/blob/main/LICENSE)



# OWASP KubeLight - Kubernetes Security Scanner

`Scan your Kubernetes Cluster for Security & Compliance`



1. Scan K8s clusters to detect Misconfiguration. 

2. Lightweight, Pure python, fast, multithreaded tool.

3. NoSQL Query Engine. 

4. Realtime alerts on  Slack

5. SBOM generation and Image Vulnerability Scan. 

6. Compliance Reports for PCI-DSS, SOC2, NSA and CIS Benchmarks.



Note - We are releasing above points in version 0.0.5



TODOS

- [ ] Kubernetes Pentest.

- [ ] Container Runtime security support - Sydig Falco and Machine learning

- [ ] Intiuitive UI and Dashboards

- [ ] CI/CD support. 



### Links 

* [OWASP Kubernetes Scanner ](https://owasp.org/www-project-kubernetes-scanner/)