Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

A roadmap to learn Kubernetes from scratch (Beginner to Advanced level)

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

📦 Make security testing of K8s, Docker, and Containerd easier.

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.

HummerRisk 是云原生安全平台，包括混合云安全治理和云原生安全检测。

Open-source Platform for learning kubernetes and aws eks and preparation for for Certified Kubernetes exams (CKA ,CKS , CKAD)

Metarget is a framework providing automatic constructions of vulnerable infrastructures.

All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.

Constellation is a Kubernetes distribution for confidential computing, securing entire clusters on untrusted infrastructure. Constellation is in maintenance mode. New development continues in Contrast, which provides workload-level confidential computing using Confidential Containers. 👉 https://github.com/edgelesssys/contrast

A Blazing fast Security Auditing tool for Kubernetes

A curated list of awesome Kubernetes security resources

Tool for building Kubernetes attack paths

Kubernetes security notes and best practices

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

eBPF (extended Berkeley Packet Filter) Guide. Learn all about the eBPF Tools and Libraries for Security, Monitoring , and Networking.

Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)

Kubernetes security tool for policy enforcement

MKIT is a Managed Kubernetes Inspection Tool that validates several common security-related configuration settings of managed Kubernetes cluster objects and the workloads/resources running inside the cluster.