How to Secure Your Kubernetes Clusters With Best Practices

1. clair

   1 23 10,659 8.9 Go

   Vulnerability Static Analysis for Containers

   

   Enable container image scanning in your CI/CD phase to catch known vulnerabilities using tools like clair or Anchore.

2. InfluxDB

   www.influxdata.com featured

   InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

   

3. anchore-engine

   2 3 1,529 4.0 Python

   Discontinued A service that analyzes docker images and scans for vulnerabilities

   

   Enable container image scanning in your CI/CD phase to catch known vulnerabilities using tools like clair or Anchore.

4. kops

   3 54 16,234 9.8 Go

   Kubernetes Operations (kOps) - Production Grade k8s Installation, Upgrades and Management

   

   Like any other software, Kubernetes also has bugs and issues. And from time to time, there might be a high severity bug that calls for a CVE. Hence, it's an excellent idea to keep the Kubernetes version up to date on the server and the CLI client. You can check the Kubernetes security and disclosure information website to see if there are known security vulnerabilities for your Kubernetes version. If you are using a managed PaaS, it should be pretty easy to upgrade, and for on-prem installations, there are tools like kOps, kubeadm, and so on, that makes it easy to upgrade clusters.

5. docker-bench-security

   4 15 9,402 4.8 Shell

   The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.

   

   Use Docker Bench for Security to audit your container images

Suggest a related project