
turbot / steampipe-mod-kubernetes-compliance

Licence: Apache-2.0 license
Run individual controls or full compliance benchmarks for NSA CISA Kubernetes Hardening Guidance across all of your Kubernetes clusters using Steampipe.

Programming Languages

HCL
1544 projects

Projects that are alternatives of or similar to steampipe-mod-kubernetes-compliance

Speedle
Speedle is an open source project for access control.
Stars: ✭ 153 (+565.22%)
Mutual labels:  compliance
Wazuh Kibana App
Wazuh - Kibana plugin
Stars: ✭ 212 (+821.74%)
Mutual labels:  compliance
cis benchmarks audit
Simple command line tool to check for compliance against CIS Benchmarks
Stars: ✭ 182 (+691.3%)
Mutual labels:  compliance
Wazuh
Wazuh - The Open Source Security Platform
Stars: ✭ 3,154 (+13613.04%)
Mutual labels:  compliance
Wazuh Docker
Wazuh - Docker containers
Stars: ✭ 213 (+826.09%)
Mutual labels:  compliance
Tfsec
Security scanner for your Terraform code
Stars: ✭ 3,622 (+15647.83%)
Mutual labels:  compliance
Todogroup.org
The group for companies that run open source programs
Stars: ✭ 144 (+526.09%)
Mutual labels:  compliance
client-go-examples
Collection of mini-programs demonstrating Kubernetes client-go usage.
Stars: ✭ 722 (+3039.13%)
Mutual labels:  kubernetes-api
Binaryanalysis Ng
Binary Analysis Next Generation (BANG)
Stars: ✭ 215 (+834.78%)
Mutual labels:  compliance
dep-scan
Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (+1404.35%)
Mutual labels:  compliance
Opa Envoy Plugin
A plugin to enforce OPA policies with Envoy
Stars: ✭ 185 (+704.35%)
Mutual labels:  compliance
Inspec
InSpec: Auditing and Testing Framework
Stars: ✭ 2,450 (+10552.17%)
Mutual labels:  compliance
prowler
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+34882.61%)
Mutual labels:  compliance
Dockerspec
A small Ruby Gem to run RSpec and Serverspec, Infrataster and Capybara tests against Dockerfiles or Docker images easily.
Stars: ✭ 181 (+686.96%)
Mutual labels:  compliance
lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+5382.61%)
Mutual labels:  compliance
Immudb
immudb - world’s fastest immutable database, built on a zero trust model
Stars: ✭ 3,743 (+16173.91%)
Mutual labels:  compliance
Dns Violations
List of DNS violations by implementations, software and/or systems
Stars: ✭ 216 (+839.13%)
Mutual labels:  compliance
rbac-tool
Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query
Stars: ✭ 546 (+2273.91%)
Mutual labels:  kubernetes-api
kraph
Go module for scraping APIs to graphs
Stars: ✭ 12 (-47.83%)
Mutual labels:  kubernetes-api
fedramp-tailored
FedRAMP Tailored.
Stars: ✭ 40 (+73.91%)
Mutual labels:  compliance

Kubernetes Compliance Mod for Steampipe

Multiple checks covering industry-defined security best practices for Kubernetes. Includes support for CIS and for the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Technical Report for Kubernetes hardening.

Run checks in a dashboard or in a terminal.

Includes support for:

Getting started

Installation

Download and install Steampipe (https://steampipe.io/downloads). Or use Brew:

brew tap turbot/tap
brew install steampipe

Install the Kubernetes plugin with Steampipe:

steampipe plugin install kubernetes

Clone:

git clone https://github.com/turbot/steampipe-mod-kubernetes-compliance.git
cd steampipe-mod-kubernetes-compliance

Usage

Start your dashboard server to get started:

steampipe dashboard

By default, the dashboard interface will then be launched in a new browser window at https://localhost:9194. From here, you can run benchmarks by selecting one or searching for a specific one.

Instead of running benchmarks in a dashboard, you can also run them within your terminal with the steampipe check command:

Run all benchmarks:

steampipe check all

Run a single benchmark:

steampipe check benchmark.nsa_cisa_v1_network_hardening_cpu_limit

Run a specific control:

steampipe check control.daemonset_cpu_limit

Different output formats are also available. For more information, please see Output Formats.

Credentials

This mod uses the credentials configured in the Steampipe Kubernetes plugin.

Configuration

No extra configuration is required.

Contributing

If you have an idea for additional controls, or just want to help maintain and extend this mod (or others), we would love you to join the community and start contributing.

Please see the contribution guidelines and our code of conduct. All contributions are subject to the Apache 2.0 open source license.

Want to help but not sure where to start? Pick up one of the help wanted issues:
