performing-kubernetes-cis-benchmark-with-kube-bench

Audit Kubernetes cluster security posture against CIS benchmarks using kube-bench with automated checks for control plane, worker nodes, and RBAC.

DevOps & Infrastructure 12,642 stars 1468 forks Updated today Apache-2.0

Skill Content

# Performing Kubernetes CIS Benchmark with kube-bench

## Overview

kube-bench is an open-source Go tool by Aqua Security that runs the CIS Kubernetes Benchmark checks. It verifies control plane, etcd, worker node, and policy configurations against security best practices, producing actionable pass/fail/warn reports.

## When to Use

- When conducting security assessments that involve performing a Kubernetes CIS benchmark with kube-bench
- When following incident response procedures for related security events
- When performing scheduled security testing or auditing activities
- When validating security controls through hands-on testing

## Prerequisites

- Kubernetes cluster (v1.24+)
- kubectl with cluster-admin access
- Node access for direct runs or privileged pod access

## Installation

```bash
# Binary installation
curl -L https://github.com/aquasecurity/kube-bench/releases/download/v0.7.3/kube-bench_0.7.3_linux_amd64.tar.gz | tar xz
sudo mv kube-bench /usr/local/bin/

# Run as Kubernetes Job
kubectl apply -f https://raw.githubusercontent.com/aquasecurity/kube-bench/main/job.yaml
kubectl logs job/kube-bench

# Run as a pod with host access
kubectl apply -f https://raw.githubusercontent.com/aquasecurity/kube-bench/main/job-master.yaml
kubectl apply -f https://raw.githubusercontent.com/aquasecurity/kube-bench/main/job-node.yaml
```

## Running Benchmarks

### Full Benchmark

```bash
# Run all checks (auto-detects node type)
kube-bench run

# Run with JSON output
kube-bench...
```

Details

Author: mukul975
Repository: mukul975/Anthropic-Cybersecurity-Skills
Created: 3 months ago
Last Updated: today
Language: Python
License: Apache-2.0
