Kubestriker is a platform-agnostic tool designed to tackle Kuberenetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organisation.
It performs numerous in depth checks on a range of services and open ports well across more than one platform such as self hosted kubernetes, Amazon EKS, Azure AKS, Google GKE etc., to identify any misconfigurations which make organisations an easy target for attackers. In addition, it helps safeguard against potential attacks on Kubernetes clusters by continuously scanning for anomalies.
Furthermore, it comprises the ability to see some components of kubernetes infrastructure and provides visualised attack paths of how hackers can advance their attacks.
Useful Links to Installation and usage of Web Application
Kubestriker was made capable of CICD integration with DevOps pipeline tools such as Jenkins, Azure pipelines and Bamboo. This allows for continuous scanning of the infrastructure to identify any misconfigurations prior to deployment into Sandbox or Production environments.
Despite its rapid adoption, Kubernetes remains an evolving technology and container usage for production deployments in organizations is still constrained by concerns around security and monitoring. So, I see this as an opportunity to address these concerns and offer more advanced capabilities and make Kubestriker the preferred application for security auditing. It is going to be an exciting road ahead!
The journey of Kubestriker has just begun. So while the Kubestriker community of adopters and contributors are growing steadily, I hope to continue the expansion of its use and take it even further by collaborating with more users and getting more contributors on board.
Vasant Chinnipilli builds and maintains kubestriker to audit and secure kubernetes infrastructure.
Start with Documentation for quick tutorials and examples.
If you liked using this tool or it has helped you in any way or if you have any suggestions/improvements, I'd like you send me an email at [email protected] about anything you'd want to say about this tool. I'd really appreciate it!