Minesweeper
Last updated
Last updated
https://github.com/m9sweeper/m9sweeper
m9sweeper is a free and easy kubernetes security platform. It integrates industry standard open source utilities into a one-stop-shop kubernetes security tool that can walk most kubernetes adminstrators through securing a kubernetes cluster as well as the apps running on the cluster.
m9sweeper makes securing a cluster easy with:
CVE Scanning
Enforcement of CVE Scanning Rules
Reports and Dashboards, including historical reporting to see how your security posture has changed over time
CIS Security Benchmarking
Pen Testing
Deployment Coaching
Intrusion Detection
Gatekeeper Policy Management
m9sweeper makes it easy to orchestrate the implementation of a number of free security tools:
Trivy: CVE Scanner, Image scan
Kubesec: Deployment Best Practices
kube-bench: CIS Benchmarks
OPA Gatekeeper: Compliance and Security Policies
kube-hunter: Cluster Penetration Testing
Project Falco: Intrusion Detection
While tools like Gatekeeper and Open Policy Agent are immensely valuable for describing compliance in Kubernetes, they are also extremely difficult to use. Minesweeper’s library of pre-made policies and simple graphical user interface (and exceptions management interface) makes being compliant easy and manageable for most DevOps teams.
