kube-bench icon indicating copy to clipboard operation
kube-bench copied to clipboard

verified publisher icon aquasecurity

Metadata

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

Results 132 kube-bench issues
Sort by recently updated
recently updated
newest added
trafficstars

KubeBench check fails in OCP having JSON communication method instead of YAML

**Overview** KubeBench check fails in OCP having JSON communication method instead of YAML **How did you run kube-bench?** Kubebench ran as kubernetes job, command - 'kube-bench' **What happened?** `for node...

anupamtamrakar avatar anupamtamrakar

bug

Support version 1.1.0 of CIS Benchmarks for Amazon EKS

### Discussed in https://github.com/aquasecurity/kube-bench/discussions/1202 Originally posted by **trallnag** June 8, 2022 A new version of the benchmark is available. ![image](https://user-images.githubusercontent.com/24834206/172615231-ab571648-5963-4bb2-8861-a35bb982a56a.png) Support for this would be great. Currently the latest version...

mozillazg avatar mozillazg

An example is missed, related to eventRecordQPS

6 comment

in `node.yaml` (e.g. [this](https://github.com/aquasecurity/kube-bench/blob/main/cfg/cis-1.6/node.yaml)), there is a missing example related to **`eventRecordQPS`**, which makes it not consistent with other remediations. ``` remediation: | If using a Kubelet config file, edit...

winkee01 avatar winkee01

kube-bench node

kube-bench node The Kube bench node will fail, but after I modify it according to the prompt and check again, the Kube bench node will still fail. The Kube bench...

QiuToo avatar QiuToo

feat(schema): add database schema config

5 comment

With this configuration, you can select database schema. This setting could be good when you want to share the same Postgres instance for different clusters validations.

serrovsky avatar serrovsky

Syntax errors in node targets for OCP

3 comment

Fixing syntax error in checks 4.1.1,4.1.2 for rhel-1.0. SLK-39504

sm171190 avatar sm171190

Introduce new statuses: SKIP, MANU, ERRO

5 comment

This changeset introduces new statuses as proposed in #916 Probably I missed something, so I would be grateful any feedback and help 🙏

hypnoglow avatar hypnoglow

Add --status flag

15 comment

Fixes #918 This change adds the `--status` flag as described on the referenced issue, so that `kube-bench` will only log tests results with a `check.State` contained in the `--status` flag....

mtpereira avatar mtpereira

Docker image build with a non-root user account

4 comment

**Overview** Our container scanning tool trigger HIGH severity compliance alert after security scan with of the image `aquasec/kube-bench:latest`. **How did you run kube-bench?** N/A **What happened?** Description of the alert:...

sosadtsia avatar sosadtsia

Add new statuses

1 comment

Currently Kube-bench output only four statuses * [PASS] - Test passed * [FAIL] - Test scored and got unwanted output * [WARN] - Test is not scored and failed, or...

yoavrotems avatar yoavrotems

enhancement
help wanted

Metadata

6.7k
Stars
1.2k
Forks
Watchers

Owner

verified publisher icon aquasecurity

Metadata

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

Back