Check Kubernetes hosts against CIS guidance with kube-bench before audit or hardening work
Run a benchmark-driven posture check on Kubernetes nodes and control planes before an audit, upgrade, or hardening sprint starts.
What it does
Run a benchmark-driven posture check on Kubernetes nodes and control planes before an audit, upgrade, or hardening sprint starts.
Prerequisites
kube-bench binary or container image, access to Kubernetes nodes or cluster context, benchmark profile matching the target environment
Installation
Requirements and caveats from upstream:
Basic usage or getting-started notes:
- There are multiple ways to run kube-bench.
- You can run kube-bench inside a pod, but it will need access to the host's PID namespace in order to check the running processes, as well as access to some directories on the host where config files and other files ar...
- The supplied job.yaml file can be applied to run the tests as a job. For example:
- Extracted from upstream docs: https://raw.githubusercontent.com/aquasecurity/kube-bench/HEAD/README.md
Quality
deterministic score 0.45 from registry signals: indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,450 chars)