How to scan and control the K8 objects are being created against security threats?

This page summarizes the projects mentioned and recommended in the original post on /r/kubernetes
Kubernetes Security security-tools Golang vulnerability-scanners

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • trivy

    Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

    • Trivy to scan your Container Image, for example as an Artefact finished building for your application in CI/CD.

  • trivy-operator

    Kubernetes-native security toolkit

    • Trivy-Operator (previously known as Starboard) to continuously scan all new workloads in your Kubernetes Cluster. It also uses Trivy so you have a close engine stack.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • starboard-exporter

    A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).

    • Starboard-Operator (by GiantSwam) exposes the Reports created by Trivy-Operator as Prometheus compatible Metrics. Next you can use Grafana to get an overview of all your currently running workloads and their vulnerabilities data.

  • Monokle

    Monokle is a set of OSS tools designed to help create and maintain high-quality Kubernetes configurations throughout the application lifecycle

    • Monokle is another viable option for doing this pre-deployment. It has OPA functionality integrated so you set up and configure additional policies to be checked earlier in your workflow. It also helps with other pre-deployment validation issues. The performance was a bit off for a while but seems they've been working on it as of late.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Is there a dashboard for the trivy-operator

    3 projects | /r/kubernetes | 7 Feb 2023

  • [open-source] Validkube - Validate, Clean and Secure your K8s YAML

    4 projects | /r/kubernetes | 9 Feb 2022

  • Blocking unsafe open source dependencies in pull requests with Minder and OSV.dev

    1 project | dev.to | 29 May 2024

  • Secure Randomness in Go 1.22

    3 projects | news.ycombinator.com | 7 May 2024

  • I Analyzed StackOverflow for Secrets

    1 project | news.ycombinator.com | 17 Nov 2023