1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-24 17:08:14 +00:00

updates to the readme

Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
This commit is contained in:
AnaisUrlichs 2023-08-10 08:15:29 +01:00 committed by Itay Shakury
parent 276d30ad75
commit 7ad0f2fee6

View File

@ -24,7 +24,12 @@ Tests are configured with YAML files, making this tool easy to update as test sp
![Kubernetes Bench for Security](/docs/images/output.png "Kubernetes Bench for Security") ![Kubernetes Bench for Security](/docs/images/output.png "Kubernetes Bench for Security")
### Quick start ## CIS Scanning as part of Trivy and the Trivy Operator
[Trivy](https://github.com/aquasecurity/trivy), the all in one cloud native security scanner, can be deployed as a [Kubernetes Operator](https://github.com/aquasecurity/trivy-operator) inside a cluster.
Both, the [Trivy CLI](https://github.com/aquasecurity/trivy), and the [Trivy Operator](https://github.com/aquasecurity/trivy-operator) support CIS Kubernetes Benchmark scanning among several other features.
## Quick start
There are multiple ways to run kube-bench. There are multiple ways to run kube-bench.
You can run kube-bench inside a pod, but it will need access to the host's PID namespace in order to check the running processes, as well as access to some directories on the host where config files and other files are stored. You can run kube-bench inside a pod, but it will need access to the host's PID namespace in order to check the running processes, as well as access to some directories on the host where config files and other files are stored.