Security News > 2021 > May > Kubestriker: A security auditing tool for Kubernetes clusters

Kubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters.

It performs a variety of checks on a range of services and open ports on the Kubernetes platform, helps safeguard against potential attacks on Kubernetes clusters by continuously scanning, monitoring and alerting of any anomalies, allows users to see components of the Kubernetes infrastructure, and visualizes attack paths.

"Kubernetes has become a popular open-source platform for containerized workflows and a key building block for modern technology infrastructure. According to Gartner, by 2025 more than 85% of global organizations will be running containerized applications in production. This widespread popularity and lack of solid security measures in place have made Kubernetes the perfect target for attackers," Kubestriker's creator Vasant Chinnipilli, a security architect and DevSecOps practitioner, told Help Net Security.

"Creating and maintaining a secure Kubernetes native infrastructure is not easy, as it involves addressing the security challenges associated with numerous moving pieces in the cluster and mitigating the risk of any potential attacks. As a result, Kubestriker was born to manage and overcome these issues in the most efficient and user-friendly way."

"The tool also allows DevOps professionals to understand the root cause of any breaches, so they don't have to reach out to the security team for guidance, and automatically generates a report with detailed findings that can also be used by auditors and architects to ensure DevOps are complying with compliance standards and aligning with the business strategy."

The inclusion of continuous scanning, monitoring, and alerting of security anomalies that occur inside the cluster.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/82MHjuW6xp0/