regolibrary

The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests. (by kubescape)

Regolibrary Alternatives

Similar projects and alternatives to regolibrary based on common topics and language

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better regolibrary alternative or higher similarity.

regolibrary reviews and mentions

Posts with mentions or reviews of regolibrary. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-01-11.
  • CNCF accepts Kubescape as its first security and compliance scanner project
    2 projects | news.ycombinator.com | 11 Jan 2023
    The question you're asking is missing the important piece: how useful are they _to whom_.

    To a developer, think of them as glorified linters (most of them are, including Kubescape, I believe). Someone on your team chooses which included things should be flagged (e.g. "require resource limits to be set on pods", see the list here: https://github.com/kubescape/regolibrary), and then the tool yells at you when you try to do something it doesn't like. It's then up to you to figure out how to comply with the tool's decisions. Some people really like them, some people really hate them.

    To an engineering manager or SRE team, I think they're great at preventing common errors that would otherwise be enforced through code reviews or other processes; they're basically the remediation after an outage where a pod OOMed ("if we set sane resource limits and enforce them, this won't happen" --> enforce resource limits policy).

    To your company's legal and compliance team, they usually fulfill a checkbox requirement along the way to $COMPLIANCE_FRAMEWORK. By the time your company is at sufficient scale, you'll have a number of these, and automation is the only way to keep everyone sane (developers and auditors alike).

    In general, I think they're well intentioned, and can be useful, but aren't a panacea--they aren't going to catch anything you're not already looking for, they're just going to make it easier to remedy/enforce the problems you already know about.

  • Kubescape: a Kind Insurance Inspector for Your Kubernetes Investments
    4 projects | dev.to | 13 Jun 2022
    Kubescape retrieves the Kubernetes objects from the API server and scan them by running a set of snippets developed by ARMO.
  • Are you scanning your Kubernetes cluster with Kubescape? What are your thoughts?
    4 projects | reddit.com/r/kubernetes | 28 Nov 2021
    FYI The policies are also open-source and you can find them here
    4 projects | reddit.com/r/kubernetes | 28 Nov 2021
    I guess I was not understood correctly and I apologize for that. When a new CVE is reported, we publish a control testing and alerting users if they are exposed. For example when CVE-2021-25742 was reported, we published the control less than a day later.
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 31 Jan 2023
    InfluxDB is the Time Series Platform where developers build real-time applications for analytics, IoT and cloud-native services. Easy to start, it is available in the cloud or on-premises. Learn more →

Stats

Basic regolibrary repo stats
5
66
8.7
2 days ago

kubescape/regolibrary is an open source project licensed under Apache License 2.0 which is an OSI approved license.

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com