# Minesweeper

<https://m9sweeper.io/>

<https://github.com/m9sweeper/m9sweeper>

![](/files/t9R0JCo8FQGtZRBBVmc8)

## [🌟 About the Project](https://github.com/m9sweeper/m9sweeper#star2-about-the-project)

m9sweeper is a free and easy kubernetes security platform. It integrates industry standard open source utilities into a one-stop-shop kubernetes security tool that can walk most kubernetes adminstrators through securing a kubernetes cluster as well as the apps running on the cluster.

![](https://gitlab.com/johnmkane/tech-recipe-book/-/blob/main/Book/Architect/Kubernetes/Security%20Center/Minesweeper/Untitled)

### [🎯 Features](https://github.com/m9sweeper/m9sweeper#dart-features)

m9sweeper makes securing a cluster easy with:

* CVE Scanning
* Enforcement of CVE Scanning Rules
* Reports and Dashboards, including historical reporting to see how your security posture has changed over time
* CIS Security Benchmarking
* Pen Testing
* Deployment Coaching
* Intrusion Detection
* Gatekeeper Policy Management

## [🧰 Toolbox](https://github.com/m9sweeper/m9sweeper#toolbox-toolbox)

m9sweeper makes it easy to orchestrate the implementation of a number of free security tools:

[Trivy](https://github.com/aquasecurity/trivy): CVE Scanner, Image scan

[Kubesec](https://github.com/controlplaneio/kubesec): Deployment Best Practices

[kube-bench](https://github.com/aquasecurity/kube-bench): CIS Benchmarks

[OPA Gatekeeper](https://github.com/open-policy-agent/gatekeeper): Compliance and Security Policies

[kube-hunter](https://github.com/aquasecurity/kube-hunter): Cluster Penetration Testing

[Project Falco](https://falco.org/): Intrusion Detection

## Make Compliance Possible

While tools like Gatekeeper and Open Policy Agent are immensely valuable for describing compliance in Kubernetes, they are also extremely difficult to use. Minesweeper’s library of pre-made policies and simple graphical user interface (and exceptions management interface) makes being compliant easy and manageable for most DevOps teams.

![](/files/BRcsA0Oo8wNDrFSJCRAZ)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://book.konstantinsecurity.com/readme/architect/kubernetes/security-center/minesweeper.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.