Merge branch 'main' into dependabot/github_actions/docker/build-push-action-5

8 months ago · 6736b169db
parent 0e293094ec 18f8456abd
commit 6736b169db
2 changed files with 7 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -24,7 +24,12 @@ Tests are configured with YAML files, making this tool easy to update as test sp

 ![Kubernetes Bench for Security](/docs/images/output.png "Kubernetes Bench for Security")

-### Quick start
+## CIS Scanning as part of Trivy and the Trivy Operator
+
+[Trivy](https://github.com/aquasecurity/trivy), the all in one cloud native security scanner, can be deployed as a [Kubernetes Operator](https://github.com/aquasecurity/trivy-operator) inside a cluster.
+Both, the [Trivy CLI](https://github.com/aquasecurity/trivy), and the [Trivy Operator](https://github.com/aquasecurity/trivy-operator) support CIS Kubernetes Benchmark scanning among several other features.
+
+## Quick start

 There are multiple ways to run kube-bench.
 You can run kube-bench inside a pod, but it will need access to the host's PID namespace in order to check the running processes, as well as access to some directories on the host where config files and other files are stored.
--- a/job.yaml
+++ b/job.yaml
@ -11,7 +11,7 @@ spec:
    spec:
      containers:
        - command: ["kube-bench"]
-          image: docker.io/aquasec/kube-bench:v0.6.17
+          image: docker.io/aquasec/kube-bench:v0.6.18
          name: kube-bench
          volumeMounts:
            - mountPath: /var/lib/etcd