#Kubernetes-security
Showing 32 of 32 repositories tagged #kubernetes-security, ranked by stars
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
A roadmap to learn Kubernetes from scratch (Beginner to Advanced level)
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground ๐
๐ฆ Make security testing of K8s, Docker, and Containerd easier.
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.
HummerRisk ๆฏไบๅ็ๅฎๅ จๅนณๅฐ๏ผๅ ๆฌๆททๅไบๅฎๅ จๆฒป็ๅไบๅ็ๅฎๅ จๆฃๆตใ
Open-source Platform for learning kubernetes and aws eks and preparation for for Certified Kubernetes exams (CKA ,CKS , CKAD, ICA)
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
Constellation is a Kubernetes distribution for confidential computing, securing entire clusters on untrusted infrastructure. Constellation is in maintenance mode. New development continues in Contrast, which provides workload-level confidential computing using Confidential Containers. ๐ https://github.com/edgelesssys/contrast
A Blazing fast Security Auditing tool for Kubernetes
Tool for building Kubernetes attack paths
A curated list of awesome Kubernetes security resources
Kubernetes security notes and best practices
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.
Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)
Kubernetes security tool for policy enforcement
MKIT is a Managed Kubernetes Inspection Tool that validates several common security-related configuration settings of managed Kubernetes cluster objects and the workloads/resources running inside the cluster.
All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.
Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego
awesome resources about cloud native security ๐ฟ
Trivy Operator Dashboard: A comprehensive tool for Trivy Operator. Offers various dashboards and interactive pages where you can browse and inspect Trivy Reports. Built with C#, .NET 10 (backend), Angular 21, and Node.js 24 (frontend).
This tutorial is an introduction to Kubernetes for Application Developers. The tutorial will aid in the preparation for the CKAD exam.
Go-to CLI tool for Kubewarden users
Curating Falco rules with MITRE ATT&CK Matrix
Kubernetes security assessment CLI: RBAC, pod-escape, and privilege-escalation path analysis. Cloudsplaining for Kubernetes.
Centralized multi-cluster Kubernetes observability platform โ real-time dependency mapping, impact analysis, change detection, and security monitoring across all your clusters, powered by eBPF
OWASP EKS Goat is a deliberately vulnerable EKS cluster environment to explore AWS cloud-native security through hands-on attack and defense labs with walkthrough.
The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the CISO to facilitate the creation and enablement of secure EKS Clusters.
Zero-overhead eBPF process tracer for Linux malware triage and incident response. Traces syscalls, network, and file events per-process without strace overhead.
Deterministic Linux runtime enforcement with eBPF LSM: block file/network operations before syscalls complete.