m9sweeper is a free and easy kubernetes security platform. It integrates industry standard open source utilities into a one-stop-shop kubernetes security tool that can walk most kubernetes adminstrators through securing a kubernetes cluster as well as the apps running on the cluster.

m9sweeper makes securing a cluster easy with:

  • CVE Scanning

  • Enforcement of CVE Scanning Rules

  • Reports and Dashboards, including historical reporting to see how your security posture has changed over time

  • CIS Security Benchmarking

  • Pen Testing

  • Deployment Coaching

  • Intrusion Detection

  • Gatekeeper Policy Management

m9sweeper makes it easy to orchestrate the implementation of a number of free security tools:

Trivy: CVE Scanner, Image scan

Kubesec: Deployment Best Practices

kube-bench: CIS Benchmarks

OPA Gatekeeper: Compliance and Security Policies

kube-hunter: Cluster Penetration Testing

Project Falco: Intrusion Detection

Make Compliance Possible

While tools like Gatekeeper and Open Policy Agent are immensely valuable for describing compliance in Kubernetes, they are also extremely difficult to use. Minesweeper’s library of pre-made policies and simple graphical user interface (and exceptions management interface) makes being compliant easy and manageable for most DevOps teams.

Last updated