The latest Kubernetes version provides many security-related enhancements and controls, but it is far from being secure by default. Kubernetes is a complex orchestration platform with many different implementations, across multi-cloud/hybrid environments. Configuring it to comply with security best practices and specific security requires time and expertise that most organizations don’t possess.

Aqua’s open source tools arm Kubernetes administrators and developers with an easy way to identify weaknesses in their deployments so that they can address those issues before they are exploited by attackers.

During this presentation, we’ll review how these open source tools offer preventive security for Kubernetes:

Kube-Bench: checks a Kubernetes cluster against 100+ checks documented in the CIS Kubernetes Benchmark.
Kube-Hunter: conducts penetration tests against Kubernetes clusters that hunt for exploitable vulnerabilities and misconfiguration - both from outside the cluster as well as inside it (running as a pod).