Announcing Kube-Bench: An Open Source Tool for Running Kubernetes CIS Benchmark Tests
Rani Osnat
Seasoned marketing, BD and Corp Dev executive in early stage startups and growth stage companies in enterprise software, cyber security, cloud and DevOps..
The Center for Internet Security provides a number of guidelines and benchmark tests for best practices in securing your code. As Michael Cherny recently described, the CIS has recently published a benchmark for Kubernetes, and now we’re pleased to tell you about our new open source implementation of these tests: kube-bench.
It’s written as a Go application (and distributed as a container, of course), but each individual test is defined in a YAML file, which will make it easier to extend and update the test suite as the benchmark evolves along with Kubernetes itself. It also supports JSON-format output, to make it easier to integrate with automated tools.
As it’s an open source project, we welcome your feedback and ideas for improvement. We’re also aiming to collaborate with the CIS community to help make the tests themselves more robust and complete as Kubernetes develops.
Check out the full rundown here, and sign up for our upcoming Webinar: Securing Kubernetes Environment.