mirror of
https://github.com/The-Art-of-Hacking/h4cker
synced 2024-11-10 05:34:12 +00:00
Update README.md
This commit is contained in:
Omar Santos
parent
d08db49d45
commit
d8ac89c2b9
1 changed files with 100 additions and 217 deletions
|
|
@ -27,245 +27,128 @@
|
|||
- [The State of Kubernetes Security - Liz Rice](https://www.youtube.com/watch?v=_l56oUxHSio)
|
||||
- [DIY Pen-Testing for Your Kubernetes Cluster - Liz Rice, Aqua Security](https://www.youtube.com/watch?v=fVqCAUJiIn0)
|
||||
- [Kubernetes Security 101: Best Practices to Secure your Cluster](https://www.youtube.com/watch?v=d-pIWfDaZK8&t=3408s)
|
||||
- [Kubernetes Security 101: OWASP Natal Virtual Meeting](https://youtu.be/CF-ScdbhU5o) 🇧🇷
|
||||
|
||||
## Blogs and Articles
|
||||
|
||||
[Container Security: Examining Potential Threats to the Container Environment](https://www.trendmicro.com/vinfo/us/security/news/security-technology/container-security-examining-potential-threats-to-the-container-environment)
|
||||
|
||||
[Kubernetes securityContext: Linux capabilities in Kubernetes](https://snyk.io/blog/kubernetes-securitycontext-linux-capabilities/)
|
||||
|
||||
[10 Kubernetes Security Context settings you should understand](https://snyk.io/blog/10-kubernetes-security-context-settings-you-should-understand/)
|
||||
|
||||
[Kubesploit: A New Offensive Tool for Testing Containerized Environments](https://www.cyberark.com/resources/threat-research-blog/kubesploit-a-new-offensive-tool-for-testing-containerized-environments)
|
||||
|
||||
[Securing Kubernetes Clusters by Eliminating Risky Permissions](https://www.cyberark.com/resources/threat-research-blog/securing-kubernetes-clusters-by-eliminating-risky-permissions)
|
||||
|
||||
[Using Kubelet Client to Attack the Kubernetes Cluster](https://www.cyberark.com/resources/threat-research-blog/using-kubelet-client-to-attack-the-kubernetes-cluster)
|
||||
|
||||
[Eight Ways to Create a Pod](https://www.cyberark.com/resources/threat-research-blog/eight-ways-to-create-a-pod)
|
||||
|
||||
[Risk8s Business: Risk Analysis of Kubernetes Clusters](https://tldrsec.com/guides/kubernetes/)
|
||||
|
||||
[How to Set Up and Manage Logs with Kubernetes](https://iamondemand.com/blog/how-to-set-up-and-manage-logs-with-kubernetes/)
|
||||
|
||||
[The Current State of Kubernetes Threat Modelling](https://www.marcolancini.it/2020/blog-kubernetes-threat-modelling/)
|
||||
|
||||
[Hildegard: New TeamTNT Cryptojacking Malware Targeting Kubernetes](https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/)
|
||||
|
||||
[The Basics of Keeping Kubernetes Clusters Secure](https://www.trendmicro.com/vinfo/us/security/news/security-technology/the-basics-of-keeping-your-kubernetes-cluster-secure-part-1)
|
||||
|
||||
[The Basics of Keeping Kubernetes Cluster Secure: Worker Nodes and Related Components](https://www.trendmicro.com/vinfo/us/security/news/virtualization-and-cloud/the-basics-of-keeping-kubernetes-cluster-secure-worker-nodes-and-related-components)
|
||||
|
||||
[How to Secure Your Kubernetes Cluster](https://containerjournal.com/topics/container-security/how-to-secure-your-kubernetes-cluster/)
|
||||
|
||||
[Kubernetes Security 101: Best Practices To Secure Your Cluster](https://www.devseccon.com/kubernetes-security-101-best-practices-to-secure-your-cluster-secadvent-day-17/)
|
||||
|
||||
[Kubernetes Security](https://kubernetes-security.info/)
|
||||
|
||||
[Introducing Kubernetes Goat](https://blog.madhuakula.com/introducing-kubernetes-goat-8624f6d70e9e)
|
||||
|
||||
[Threat Matrix for Kubernetes](https://www.microsoft.com/security/blog/2020/04/02/attack-matrix-kubernetes/)
|
||||
|
||||
[Open Sourcing the Kubernetes Security Audit](https://www.cncf.io/blog/2019/08/06/open-sourcing-the-kubernetes-security-audit/)
|
||||
|
||||
[Amazon EKS Best Practices Guide for Security](https://aws.github.io/aws-eks-best-practices/)
|
||||
|
||||
[Protecting Kubernetes: The Kubernetes Attack Matrix and How to Mitigate Its Threats](https://security.stackrox.com/rs/219-UEH-533/images/StackRox-Whitepaper-Kubernetes_Attack_Matrix_and_Mitigation.pdf)
|
||||
|
||||
[Securing the 4Cs of Cloud Native](https://www.trendmicro.com/vinfo/us/security/news/virtualization-and-cloud/securing-the-4-cs-of-cloud-native-systems-cloud-cluster-container-and-code)
|
||||
|
||||
[CVE-2018-18264 Privilege escalation through Kubernetes dashboard](https://sysdig.com/blog/privilege-escalation-kubernetes-dashboard)
|
||||
|
||||
[Certified Kubernetes Security Specialist (CKS) exam guide](https://medium.com/cooking-with-azure/certified-kubernetes-security-specialist-cks-exam-guide-a8fc2b4c47ea)
|
||||
|
||||
- [Container Security: Examining Potential Threats to the Container Environment](https://www.trendmicro.com/vinfo/us/security/news/security-technology-container-security-examining-potential-threats-to-the-container-environment)
|
||||
- [Kubernetes securityContext: Linux capabilities in Kubernetes](https://snyk.io/blog/kubernetes-securitycontext-linux-capabilities/)
|
||||
- [10 Kubernetes Security Context settings you should understand](https://snyk.io/blog/10-kubernetes-security-context-settings-you-should-understand/)
|
||||
- [Kubesploit: A New Offensive Tool for Testing Containerized Environments](https://www.cyberark.com/resources/threat-research-blog/kubesploit-a-new-offensive-tool-for-testing-containerized-environments)
|
||||
- [Securing Kubernetes Clusters by Eliminating Risky Permissions](https://www.cyberark.com/resources/threat-research-blog/securing-kubernetes-clusters-by-eliminating-risky-permissions)
|
||||
- [Using Kubelet Client to Attack the Kubernetes Cluster](https://www.cyberark.com/resources/threat-research-blog-using-kubelet-client-to-attack-the-kubernetes-cluster)
|
||||
- [Eight Ways to Create a Pod](https://www.cyberark.com/resources/threat-research-blog/eight-ways-to-create-a-pod)
|
||||
- [Risk8s Business: Risk Analysis of Kubernetes Clusters](https://tldrsec.com/guides/kubernetes/)
|
||||
- [How to Set Up and Manage Logs with Kubernetes](https://iamondemand.com/blog/how-to-set-up-and-manage-logs-with-kubernetes/)
|
||||
- [The Current State of Kubernetes Threat Modelling](https://www.marcolancini.it/2020/blog-kubernetes-threat-modelling/)
|
||||
- [Hildegard: New TeamTNT Cryptojacking Malware Targeting Kubernetes](https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/)
|
||||
- [The Basics of Keeping Kubernetes Clusters Secure](https://www.trendmicro.com/vinfo/us/security/news/security-technology-the-basics-of-keeping-your-kubernetes-cluster-secure-part-1)
|
||||
- [The Basics of Keeping Kubernetes Cluster Secure: Worker Nodes and Related Components](https://www.trendmicro.com/vinfo/us/security/news-virtualization-and-cloud/the-basics-of-keeping-kubernetes-cluster-secure-worker-nodes-and-related-components)
|
||||
- [How to Secure Your Kubernetes Cluster](https://containerjournal.com/topics/container-security/how-to-secure-your-kubernetes-cluster/)
|
||||
- [Kubernetes Security 101: Best Practices To Secure Your Cluster](https://www.devseccon.com/kubernetes-security-101-best-practices-to-secure-your-cluster-secadvent-day-17/)
|
||||
- [Kubernetes Security](https://kubernetes-security.info/)
|
||||
- [Introducing Kubernetes Goat](https://blog.madhuakula.com/introducing-kubernetes-goat-8624f6d70e9e)
|
||||
- [Threat Matrix for Kubernetes](https://www.microsoft.com/security/blog/2020/04/02/attack-matrix-kubernetes/)
|
||||
- [Open Sourcing the Kubernetes Security Audit](https://www.cncf.io/blog/2019/08/06/open-sourcing-the-kubernetes-security-audit/)
|
||||
- [Amazon EKS Best Practices Guide for Security](https://aws.github.io/aws-eks-best-practices/)
|
||||
- [Protecting Kubernetes: The Kubernetes Attack Matrix and How to Mitigate Its Threats](https://security.stackrox.com/rs/219-UEH-533/images/StackRox-Whitepaper-Kubernetes_Attack_Matrix_and_Mitigation.pdf)
|
||||
- [Securing the 4Cs of Cloud Native](https://www.trendmicro.com/vinfo/us/security/news/virtualization-and-cloud-securing-the-4-cs-of-cloud-native-systems-cloud-cluster-container-and-code)
|
||||
- [CVE-2018-18264 Privilege escalation through Kubernetes dashboard](https://sysdig.com/blog/privilege-escalation-kubernetes-dashboard)
|
||||
- [Certified Kubernetes Security Specialist (CKS) exam guide](https://medium.com/cooking-with-azure/certified-kubernetes-security-specialist-cks-exam-guide-a8fc2b4c47ea)
|
||||
## Books
|
||||
|
||||
[Hacking Kubernetes by Andrew Martin, Michael Hausenblas](https://learning.oreilly.com/library/view/hacking-kubernetes/9781492081722/)
|
||||
|
||||
[Learn Kubernetes Security by Kaizhe Huang and Pranjal Jumde](https://www.amazon.com/Learn-Kubernetes-Security-orchestrate-microservices-ebook/dp/B087Q9G51R)
|
||||
|
||||
[Kubernetes Security by Liz Rice and Michael Hausenblas](https://info.aquasec.com/kubernetes-security)
|
||||
|
||||
[Container Security by Liz Rice](https://containersecurity.tech/)
|
||||
|
||||
[Kubernetes: Up and Running, Second Edition by Brendan Burns, Joe Beda and Kelsey Hightower](https://azure.microsoft.com/en-us/resources/kubernetes-up-and-running/)
|
||||
|
||||
[Kubernetes Patterns: Reusable Elements for Designing Cloud-Native Applications by Bilgin Ibryam & Roland Huß](https://www.redhat.com/cms/managed-files/cm-oreilly-kubernetes-patterns-ebook-f19824-201910-en.pdf)
|
||||
|
||||
- [Hacking Kubernetes by Andrew Martin, Michael Hausenblas](https://learning.oreilly.com/library/view/hacking-kubernetes/9781492081722/)
|
||||
- [Learn Kubernetes Security by Kaizhe Huang and Pranjal Jumde](https://www.amazon.com/Learn-Kubernetes-Security-orchestrate-microservices-ebook/dp/B087Q9G51R)
|
||||
- [Kubernetes Security by Liz Rice and Michael Hausenblas](https://info.aquasec.com/kubernetes-security)
|
||||
- [Container Security by Liz Rice](https://containersecurity.tech/)
|
||||
- [Kubernetes: Up and Running, Second Edition by Brendan Burns, Joe Beda and Kelsey Hightower](https://azure.microsoft.com/en-us/resources/kubernetes-up-and-running/)
|
||||
- [Kubernetes Patterns: Reusable Elements for Designing Cloud-Native Applications by Bilgin Ibryam & Roland Huß](https://www.redhat.com/cms/managed-files/cm-oreilly-kubernetes-patterns-ebook-f19824-201910-en.pdf)
|
||||
## Certifications
|
||||
|
||||
- [CKAD](https://www.cncf.io/certification/ckad/)
|
||||
|
||||
- [CKA](https://www.cncf.io/certification/cka/)
|
||||
|
||||
- [Certified Kubernetes Administrator (CKA) Course](https://github.com/kodekloudhub/certified-kubernetes-administrator-course)
|
||||
|
||||
- [CKS](https://www.cncf.io/certification/cks/)
|
||||
|
||||
- [Certified Kubernetes Security Specialist (CKS)](https://github.com/walidshaari/Certified-Kubernetes-Security-Specialist)
|
||||
|
||||
- [CKSS-Certified-Kubernetes-Security-Specialist](https://github.com/ibrahimjelliti/CKSS-Certified-Kubernetes-Security-Specialist)
|
||||
|
||||
- [Certified Kubernetes Security Specialist Study Guide](https://github.com/stackrox/Kubernetes_Security_Specialist_Study_Guide)
|
||||
|
||||
- [References for CKS Exam Objectives](https://github.com/abdennour/certified-kubernetes-security-specialist)
|
||||
|
||||
## CVEs
|
||||
|
||||
[Exploring container security: Vulnerability management in open-source Kubernetes](https://cloud.google.com/blog/products/containers-kubernetes/exploring-container-security-vulnerability-management-in-open-source-kubernetes)
|
||||
|
||||
[CVE-2019-11247](https://nvd.nist.gov/vuln/detail/CVE-2019-11247)
|
||||
|
||||
[CVE-2019-11249](https://nvd.nist.gov/vuln/detail/CVE-2019-11249)
|
||||
|
||||
[CVE-2018-18264](https://nvd.nist.gov/vuln/detail/CVE-2018-18264)
|
||||
|
||||
- [Exploring container security: Vulnerability management in open-source Kubernetes](https://cloud.google.com/blog/products/containers-kubernetes/exploring-container-security-vulnerability-management-in-open-source-kubernetes)
|
||||
- [CVE-2019-11247](https://nvd.nist.gov/vuln/detail/CVE-2019-11247)
|
||||
- [CVE-2019-11249](https://nvd.nist.gov/vuln/detail/CVE-2019-11249)
|
||||
- [CVE-2018-18264](https://nvd.nist.gov/vuln/detail/CVE-2018-18264)
|
||||
## Slides
|
||||
|
||||
[Communication is Key - Understanding Kubernetes Networking (KubeCon EU 2020)](https://static.sched.com/hosted_files/kccnceu20/3d/Communication_is_Key.pdf)
|
||||
|
||||
[Seccomp Profiles and you: A practical guide (KubeCon EU 2020)](https://www.slideshare.net/DuffieCooley/seccomp-profiles-and-you-a-practical-guide)
|
||||
|
||||
[Advanced Persistence Threats: The Future of Kubernetes Attacks (KubeCon EU 2020)](https://speakerdeck.com/iancoldwater/advanced-persistence-threats-the-future-of-kubernetes-attacks)
|
||||
|
||||
[Help! My Cluster Is On The Internet!](https://bit.ly/SamK8sSec)
|
||||
- [Communication is Key - Understanding Kubernetes Networking (KubeCon EU 2020)](https://static.sched.com/hosted_files/kccnceu20/3d/Communication_is_Key.pdf)
|
||||
- [Seccomp Profiles and you: A practical guide (KubeCon EU 2020)](https://www.slideshare.net/DuffieCooley/seccomp-profiles-and-you-a-practical-guide)
|
||||
- [Advanced Persistence Threats: The Future of Kubernetes Attacks (KubeCon EU 2020)](https://speakerdeck.com/iancoldwater/advanced-persistence-threats-the-future-of-kubernetes-attacks)
|
||||
- [Help! My Cluster Is On The Internet!](https://bit.ly/SamK8sSec)
|
||||
|
||||
## Trainings
|
||||
|
||||
[Secure Kubernetes](https://securekubernetes.com/)
|
||||
|
||||
[Cloud Native Security Tutorial](https://tutorial.kubernetes-security.info/)
|
||||
|
||||
[Kubernetes Security (Advanced Concepts)](https://acloudguru.com/course/kubernetes-security-advanced-concepts)
|
||||
|
||||
[Kubernetes Goat Guide](https://madhuakula.com/kubernetes-goat/)
|
||||
|
||||
[Katacoda Kubernetes Goat Videos](https://katacoda.com/madhuakula/scenarios/kubernetes-goat)
|
||||
|
||||
[Attacking and Auditing Docker Containers and Kubernetes Clusters](https://github.com/Kloudle/attacking-and-auditing-docker-containers-and-kubernetes-clusters-training)
|
||||
|
||||
[A Cloud Guru Kubernetes Security](https://acloudguru.com/course/kubernetes-security)
|
||||
|
||||
[SANS Cloud-Native Security Defending Containers and Kubernetes](https://www.sans.org/event/stay-sharp-blue-team-ops-and-cloud-dec-2020/course/cloud-native-security-defending-containers-kubernetes)
|
||||
|
||||
[Tutorial: Getting Started With Cloud-Native Security - KubeCon EU 2020 - Liz Rice & Michael Hausenblas](https://youtu.be/MisS3wSds40)
|
||||
|
||||
[Control Plane Security Training](https://control-plane.io/training/)
|
||||
|
||||
[Kubernetes Exam Simulator](https://killer.sh/cks)
|
||||
|
||||
[Kubernetes Security Workshop](https://github.com/scotty-c/kubernetes-security-workshop)
|
||||
|
||||
[Linux Academy - Kubernetes Security](https://github.com/linuxacademy/content-kubernetes-security)
|
||||
|
||||
- [Secure Kubernetes](https://securekubernetes.com/)
|
||||
- [Cloud Native Security Tutorial](https://tutorial.kubernetes-security.info/)
|
||||
- [Kubernetes Security (Advanced Concepts)](https://acloudguru.com/course/kubernetes-security-advanced-concepts)
|
||||
- [Kubernetes Goat Guide](https://madhuakula.com/kubernetes-goat/)
|
||||
- [Katacoda Kubernetes Goat Videos](https://katacoda.com/madhuakula/scenarios/kubernetes-goat)
|
||||
- [Attacking and Auditing Docker Containers and Kubernetes Clusters](https://github.com/Kloudle/attacking-and-auditing-docker-containers-and-kubernetes-clusters-training)
|
||||
- [A Cloud Guru Kubernetes Security](https://acloudguru.com/course/kubernetes-security)
|
||||
- [SANS Cloud-Native Security Defending Containers and Kubernetes](https://www.sans.org/event/stay-sharp-blue-team-ops-and-cloud-dec-2020/course/cloud-native-security-defending-containers-kubernetes)
|
||||
- [Tutorial: Getting Started With Cloud-Native Security - KubeCon EU 2020 - Liz Rice & Michael Hausenblas](https://youtu.be/MisS3wSds40)
|
||||
- [Control Plane Security Training](https://control-plane.io/training/)
|
||||
- [Kubernetes Exam Simulator](https://killer.sh/cks)
|
||||
- [Kubernetes Security Workshop](https://github.com/scotty-c/kubernetes-security-workshop)
|
||||
- [Linux Academy - Kubernetes Security](https://github.com/linuxacademy/content-kubernetes-security)
|
||||
## Repositories / Tools
|
||||
|
||||
### Learning
|
||||
|
||||
[kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/)
|
||||
|
||||
[krew](https://krew.sigs.k8s.io/docs/user-guide/setup/install/)
|
||||
|
||||
[Bust-a-Kube](https://www.bustakube.com/)
|
||||
|
||||
[kube-goat](https://github.com/ksoclabs/kube-goat)
|
||||
|
||||
[Kubernetes Goat](https://github.com/madhuakula/kubernetes-goat)
|
||||
|
||||
[Kubernetes Networking Labs for KubeCon EU 2020 Talk](https://github.com/korvus81/k8s-net-labs)
|
||||
|
||||
[CNCF Security Audits](https://github.com/magnologan/cncf-security-audits)
|
||||
|
||||
- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/)
|
||||
- [krew](https://krew.sigs.k8s.io/docs/user-guide/setup/install/)
|
||||
- [Bust-a-Kube](https://www.bustakube.com/)
|
||||
- [kube-goat](https://github.com/ksoclabs/kube-goat)
|
||||
- [Kubernetes Goat](https://github.com/madhuakula/kubernetes-goat)
|
||||
- [Kubernetes Networking Labs for KubeCon EU 2020 Talk](https://github.com/korvus81/k8s-net-labs)
|
||||
- [CNCF Security Audits](https://github.com/magnologan/cncf-security-audits)
|
||||
### Attacking
|
||||
|
||||
[kubesploit](https://github.com/cyberark/kubesploit)
|
||||
|
||||
[kubeletctl](https://github.com/cyberark/kubeletctl)
|
||||
|
||||
[kube-hunter](https://github.com/aquasecurity/kube-hunter)
|
||||
|
||||
[Peirates](https://github.com/inguardians/peirates)
|
||||
|
||||
- [kubesploit](https://github.com/cyberark/kubesploit)
|
||||
- [kubeletctl](https://github.com/cyberark/kubeletctl)
|
||||
- [kube-hunter](https://github.com/aquasecurity/kube-hunter)
|
||||
- [Peirates](https://github.com/inguardians/peirates)
|
||||
### Defending
|
||||
|
||||
[KubiScan](https://github.com/cyberark/KubiScan)
|
||||
|
||||
[Kubernetes Audit by Trail of Bits](https://github.com/trailofbits/audit-kubernetes)
|
||||
|
||||
[kubeaudit](https://github.com/Shopify/kubeaudit)
|
||||
|
||||
[falco](https://github.com/falcosecurity/falco)
|
||||
|
||||
[kubesec](https://github.com/controlplaneio/kubesec)
|
||||
|
||||
[kube-bench](https://github.com/aquasecurity/kube-bench)
|
||||
|
||||
[trivy](https://github.com/aquasecurity/trivy)
|
||||
|
||||
[MKIT](https://github.com/darkbitio/mkit)
|
||||
|
||||
[kubetap](https://github.com/soluble-ai/kubetap)
|
||||
|
||||
[kube-forensics](https://github.com/keikoproj/kube-forensics)
|
||||
|
||||
[k8s-security-dashboard](https://github.com/k8scop/k8s-security-dashboard)
|
||||
|
||||
[CIS Kubernetes Benchmark - InSpec Profile](https://github.com/dev-sec/cis-kubernetes-benchmark)
|
||||
|
||||
[Kube PodSecurityPolicy Advisor](https://github.com/sysdiglabs/kube-psp-advisor)
|
||||
|
||||
[Inspektor Gadget](https://github.com/kinvolk/inspektor-gadget)
|
||||
|
||||
[Starboard](https://github.com/aquasecurity/starboard)
|
||||
|
||||
[Advocacy Site for Kubernetes RBAC](https://github.com/mhausenblas/rbac.dev)
|
||||
|
||||
[Helm-Snyk](https://github.com/snyk-labs/helm-snyk)
|
||||
|
||||
[Krane](https://github.com/appvia/krane)
|
||||
|
||||
[rakkess](https://github.com/corneliusweig/rakkess)
|
||||
|
||||
[kubectl-who-can](https://github.com/aquasecurity/kubectl-who-can)
|
||||
|
||||
[Kubernetes Security - Best Practice Guide](https://github.com/freach/kubernetes-security-best-practice)
|
||||
|
||||
[External Secrets](https://github.com/external-secrets/external-secrets)
|
||||
|
||||
[KubeLinter](https://github.com/stackrox/kube-linter)
|
||||
|
||||
[Open Policy Agent](https://www.openpolicyagent.org)
|
||||
|
||||
[Gatekeeper](https://github.com/open-policy-agent/gatekeeper)
|
||||
|
||||
[Kyverno](https://kyverno.io)
|
||||
|
||||
- [KubiScan](https://github.com/cyberark/KubiScan)
|
||||
- [Kubernetes Audit by Trail of Bits](https://github.com/trailofbits/audit-kubernetes)
|
||||
- [kubeaudit](https://github.com/Shopify/kubeaudit)
|
||||
- [falco](https://github.com/falcosecurity/falco)
|
||||
- [kubesec](https://github.com/controlplaneio/kubesec)
|
||||
- [kube-bench](https://github.com/aquasecurity/kube-bench)
|
||||
- [trivy](https://github.com/aquasecurity/trivy)
|
||||
- [MKIT](https://github.com/darkbitio/mkit)
|
||||
- [kubetap](https://github.com/soluble-ai/kubetap)
|
||||
- [kube-forensics](https://github.com/keikoproj/kube-forensics)
|
||||
- [k8s-security-dashboard](https://github.com/k8scop/k8s-security-dashboard)
|
||||
- [CIS Kubernetes Benchmark - InSpec Profile](https://github.com/dev-sec/cis-kubernetes-benchmark)
|
||||
- [Kube PodSecurityPolicy Advisor](https://github.com/sysdiglabs/kube-psp-advisor)
|
||||
- [Inspektor Gadget](https://github.com/kinvolk/inspektor-gadget)
|
||||
- [Starboard](https://github.com/aquasecurity/starboard)
|
||||
- [Advocacy Site for Kubernetes RBAC](https://github.com/mhausenblas/rbac.dev)
|
||||
- [Helm-Snyk](https://github.com/snyk-labs/helm-snyk)
|
||||
- [Krane](https://github.com/appvia/krane)
|
||||
- [rakkess](https://github.com/corneliusweig/rakkess)
|
||||
- [kubectl-who-can](https://github.com/aquasecurity/kubectl-who-can)
|
||||
- [Kubernetes Security - Best Practice Guide](https://github.com/freach/kubernetes-security-best-practice)
|
||||
- [External Secrets](https://github.com/external-secrets/external-secrets)
|
||||
- [KubeLinter](https://github.com/stackrox/kube-linter)
|
||||
- [Open Policy Agent](https://www.openpolicyagent.org)
|
||||
- [Gatekeeper](https://github.com/open-policy-agent/gatekeeper)
|
||||
- [Kyverno](https://kyverno.io)
|
||||
|
||||
## Papers
|
||||
|
||||
[Kubernetes Security Assessment - Final Report - May 2019](https://github.com/kubernetes/community/blob/master/sig-security/security-audit-2019/findings/Kubernetes%20Final%20Report.pdf)
|
||||
|
||||
[Kubernetes Security Whitepaper - June 2019](https://github.com/kubernetes/community/blob/master/sig-security/security-audit-2019/findings/Kubernetes%20Final%20Report.pdf)
|
||||
|
||||
[Kubernetes Threat Model - June 2019](https://github.com/kubernetes/community/blob/master/sig-security/security-audit-2019/findings/Kubernetes%20Threat%20Model.pdf)
|
||||
|
||||
[Kubernetes Attack Tree](https://github.com/cncf/financial-user-group/tree/master/projects/k8s-threat-model)
|
||||
|
||||
[Attacking Kubernetes - A Guide for Administrators and Penetration Testers](https://github.com/kubernetes/community/blob/master/sig-security/security-audit-2019/findings/AtredisPartners_Attacking_Kubernetes-v1.0.pdf)
|
||||
|
||||
[CIS Kubernetes Benchmark](https://www.cisecurity.org/benchmark/kubernetes/)
|
||||
|
||||
[Kubernetes é seguro por default ou à prova de má configuração?](https://p0ssuidao.medium.com/kubernetes-%C3%A9-seguro-por-default-ou-aprova-de-m%C3%A1-configura%C3%A7%C3%A3o-9d3bccc2f342) 🇧🇷
|
||||
|
||||
- [Kubernetes Security Assessment - Final Report - May 2019](https://github.com/kubernetes/community/blob/master/sig-security/security-audit-2019/findings/Kubernetes%20Final%20Report.pdf)
|
||||
- [Kubernetes Security Whitepaper - June 2019](https://github.com/kubernetes/community/blob/master/sig-security/security-audit-2019/findings/Kubernetes%20Final%20Report.pdf)
|
||||
- [Kubernetes Threat Model - June 2019](https://github.com/kubernetes/community/blob/master/sig-security/security-audit-2019/findings/Kubernetes%20Threat%20Model.pdf)
|
||||
- [Kubernetes Attack Tree](https://github.com/cncf/financial-user-group/tree/master/projects/k8s-threat-model)
|
||||
- [Attacking Kubernetes - A Guide for Administrators and Penetration Testers](https://github.com/kubernetes/community/blob/master/sig-security/security-audit-2019/findings/AtredisPartners_Attacking_Kubernetes-v1.0.pdf)
|
||||
- [CIS Kubernetes Benchmark](https://www.cisecurity.org/benchmark/kubernetes/)
|
||||
- [Kubernetes é seguro por default ou à prova de má configuração?](https://p0ssuidao.medium.com/kubernetes-%C3%A9-seguro-por-default-ou-aprova-de-m%C3%A1-configura%C3%A7%C3%A3o-9d3bccc2f342) 🇧🇷
|
||||
## Podcasts
|
||||
|
||||
[TGI Kubernetes](https://www.youtube.com/playlist?list=PL7bmigfV0EqQzxcNpmcdTJ9eFRPBe-iZa)
|
||||
|
||||
[The Podlets](https://thepodlets.io)
|
||||
|
||||
[Kubecast](https://www.kubecast.com/)
|
||||
|
||||
[Kubernetes Podcast (from Google)](https://kubernetespodcast.com/)
|
||||
|
||||
[PodCTL - Enterprise Kubernetes](https://www.podctl.com/)
|
||||
- [TGI Kubernetes](https://www.youtube.com/playlist?list=PL7bmigfV0EqQzxcNpmcdTJ9eFRPBe-iZa)
|
||||
- [The Podlets](https://thepodlets.io)
|
||||
- [Kubecast](https://www.kubecast.com/)
|
||||
- [Kubernetes Podcast (from Google)](https://kubernetespodcast.com/)
|
||||
- [PodCTL - Enterprise Kubernetes](https://www.podctl.com/)
|
||||
|
|
|
|||
Loading…
Reference in a new issue