Pinned Repositories
cel-admission-library
This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls, see here a comlete list https://hub.armosec.io/docs/controls
github-action
GitHub action to run Kubescape scans
helm-charts
Kubescape can run as a set of microservices inside a Kubernetes cluster. This allows you to continually monitor the status of a cluster, including for compliance and vulnerability management
kapprofiler
Generate an application profile containing metrics/properties for Kubernetes workloads based on runtime behavior.
kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
kubevuln
Kubevuln is an in-cluster component of the Kubescape security platform. It scans container images for vulnerabilities, using Grype as its engine.
lens-extension
A Lens extension for viewing Kubescape security information
regolibrary
The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.
sneeffer
Sneefer is a PoC project showing how to filter out irrelevent vulnerabilities from container image vulnerability scan results. It is based on application monitoring using eBPF and Falco base libraries and writes results in Kubernetes CRDs
vscode-kubescape
Kubescape extension for Visual Studio Code
Kubescape's Repositories
kubescape/kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
kubescape/regolibrary
The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.
kubescape/cel-admission-library
This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls, see here a comlete list https://hub.armosec.io/docs/controls
kubescape/helm-charts
Kubescape can run as a set of microservices inside a Kubernetes cluster. This allows you to continually monitor the status of a cluster, including for compliance and vulnerability management
kubescape/github-action
GitHub action to run Kubescape scans
kubescape/kubevuln
Kubevuln is an in-cluster component of the Kubescape security platform. It scans container images for vulnerabilities, using Grype as its engine.
kubescape/vscode-kubescape
Kubescape extension for Visual Studio Code
kubescape/kapprofiler
Generate an application profile containing metrics/properties for Kubernetes workloads based on runtime behavior.
kubescape/go-git-url
Package for parsing git url and executing git api calls
kubescape/operator
Operator is an in-cluster component of the Kubescape security platform. It allows clients to connect to itself, listens for commands from the connected clients and controls other in-cluster components according to received commands.
kubescape/opa-utils
Kubescape utils for opa scanning
kubescape/node-agent
kubescape/k8s-interface
Kubescape wrapper for the Kubernetes interface
kubescape/kubescape-network-scanner
Network scan and service discovery package
kubescape/kollector
Kollector is an in-cluster component of the Kubescape security platform. It Communicates with the Kubernetes API server to collect cluster information and watches for changes in the cluster.
kubescape/kwok-bench
A toolkit to efficiently create large-scale, simulated Kubernetes clusters for testing and benchmarking applications using KWOK.
kubescape/prometheus-exporter
kubescape/workflows
This repository is testing and building the Kubescape components images using GitHub workflows
kubescape/docker-desktop-extension
Kubescape extension for Docker Desktop
kubescape/gateway
Gateway is an in-cluster component of the Kubescape security platform. It broadcasts a message received to its registered clients. When a client registers itself in a Gateway it must provide a set of attributes, which will serve as identification, for message routing purposes.
kubescape/homebrew-tap
Homebrew tap for Kubescape
kubescape/kubescape.io
kubescape.io website
kubescape/packaging
Packaging scripts that allow installation of Kubescape through various package manager.
kubescape/storage
kubescape/synchronizer
kubescape/backend
kubescape/http-request
The http-request package is meant to replace the curl command by a simple go script that runs an HTTP request
kubescape/messaging
Kubescape's messaging package - a collection of wrapper code around Pulsar to quickly and easily connect to Pulsar brokers, send and receive messages, and message queues and topics management.
kubescape/regolibrary-dev
kubescape/workshops