Kube-bench is a tool that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark. Tests are configured with YAML files, making this tool easy to update as test specifications evolve. There are multiple ways to run kube-bench, such as inside a pod with access to the host's PID namespace and necessary directories, or by applying the supplied job.yaml file to run the tests as a job.
SIMILAR TOOLS
Cloud runtime security platform that uses eBPF technology to monitor cloud infrastructure, detect anomalies, and identify potential security threats in real-time.
Cloud security platform that provides configuration monitoring, compliance management, and security analysis across multi-cloud environments.
An open-sourced framework for managing resources across hundreds of AWS accounts.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A tool that determines what AWS API calls are logged by CloudTrail and what they are logged as, and can also be used as an attack simulation framework.
A cloud security solution that provides agentless application mapping and vulnerability prioritization based on business impact across cloud environments.
Gatekeeper is a policy management tool for Kubernetes that provides an extensible, parameterized policy library and native Kubernetes CRDs for instantiating and extending the policy library.
A tool that discovers all AWS resources created in an account.
ScubaGear assesses Microsoft 365 tenant configurations against CISA Secure Configuration Baselines, using PowerShell and Open Policy Agent to compare settings and generate compliance reports.