Tech N' Talk: Implementing CIS Kubernetes Security Benchmarks with Kube-Bench
July 26, 2017 | by
Tech N' Talk Summary
In this Tech N' Talk, Liz Rice of Aqua Security walked us through a new open source project called Kube-Bench that automates the Center for Internet Security's Kubernetes Security Benchmarks. The Kubernetes Bench for Security is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes 1.6 Benchmark v1.0.0. Tests are configured with YAML files, making this tool easy to update as test specifications evolve.
Liz also gave a brief introduction to yet another fine Kubernetes-related open source project that was just announced yesterday: Manifesto! Manifesto lets users store and query metadata for Docker images. This metadata can be information that you want to store about an image post-build - where labels are not sufficient.
Don't forget to leave your feedback and suggestions for each video on YouTube or in the comments section below.
About Tech N' Talk
The Tech N' Talk podcast series aims to bring together thinkers, creators, and coders from across the entire Cloud Native ecosystem to discuss some of the most interesting ideas and innovations in technology today and sparks more conversations and collaborations. Join the discussion online here!
Learn More at the Next OpenShift Commons Gathering in Austin Dec 5th
OpenShift Commons is the place for organizations that are part of the OpenShift community to connect with peers and other related open source technology communities to communicate and collaborate across all OpenShift projects and stakeholders.
The Commons' goal is to foster collaboration and communication between OpenShift stakeholders to drive success for all members, and expand & facilitate points of connection between members for sharing knowledge and experience to help drive success for the platform and for participants: customers, users, partners, and contributors.
In this article, I will walk you through the deployment of Keycloak, a user authentication and authorization tool and how to integrate this to any Kubernetes Web application without touching a single ...
Introduction In Part 1: How to Enable Hardware Accelerators on OpenShift we gave a high-level overview of the Special Resource Operator (SRO) and a detailed view of the workflow on enabling hardware ...