🔒 awesome-kubernetes-security

A curated list of awesome Kubernetes security resources. Can you dig it?

Open Source Projects

aad-pod-identity - Assign Azure AD idenitites to pods in Kubernetes, in order to access Azure resources
audit2rbac - Autogenerate RBAC policies based on Kubernetes audit logs
Deepfence ThreatMapper - Apache v2, powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless
falco - Container Native Runtime Security
kiam - Integrate AWS IAM with Kubernetes
kube-bench - Check whether Kubernetes is deployed according to security best practics
kube-hunter - Hunt for security weaknesses in Kubernetes clusters
kube-psp-advisor - Help building an adaptive and fine-grained pod security policy
kube-scan - k8s cluster risk assessment tool
Kubei - Vulnerabilities scanner for Kubernetes clusters
kube2iam - Provide different AWS IAM roles for pods running on Kubernetes
kubeaudit - Audit your Kubernetes clusters against common security controls
kubectl-bindrole - Find Kubernetes roles bound to a specified ServiceAccount, Group or User
kubectl-dig - Deep Kubernetes visibility from the kubectl
kubectl-kubesec - Scan Kubernetes pods, deployments, daemonsets and statefulsets with kubesec.io
kubectl-who-can - Show who has permissions to <verb> <resource> in Kubernetes
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure
kyverno - Kubernetes Native Policy Management
rakkess - Review access matrix for Kubernetes server resources
rback - RBAC in Kubernetes visualizer
steampipe - Use SQL to query your cloud services (AWS, Azure, GCP and more) running Kubernetes
steampipe-kubernetes - Use SQL to query your Kubernetes resources
steampipe-kubernetes-compliance - Kubernetes compliance scanning tool for CIS, NSA & CISA Cybersecurity technical report for Kubernetes hardening.
trivy - A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
kubernetes-rbac-audit - Tool for auditing RBACs in Kubernetes
kubernetes-external-secrets - Tool to get External Secrets from Hashicorp Vault and AWS SSM

General Resources

Twitter Accounts

About

A curated list of awesome Kubernetes security resources