arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-21 15:48:06 +00:00
Code Issues Releases Wiki Activity

updates to the readme

Browse Source 
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
This commit is contained in:
AnaisUrlichs 2023-08-10 08:15:29 +01:00 committed by Itay Shakury
parent 276d30ad75
commit 7ad0f2fee6
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@ -24,7 +24,12 @@ Tests are configured with YAML files, making this tool easy to update as test sp
![Kubernetes Bench for Security](/docs/images/output.png "Kubernetes Bench for Security") ![Kubernetes Bench for Security](/docs/images/output.png "Kubernetes Bench for Security")
### Quick start ## CIS Scanning as part of Trivy and the Trivy Operator
[Trivy](https://github.com/aquasecurity/trivy), the all in one cloud native security scanner, can be deployed as a [Kubernetes Operator](https://github.com/aquasecurity/trivy-operator) inside a cluster.
Both, the [Trivy CLI](https://github.com/aquasecurity/trivy), and the [Trivy Operator](https://github.com/aquasecurity/trivy-operator) support CIS Kubernetes Benchmark scanning among several other features.
## Quick start
There are multiple ways to run kube-bench. There are multiple ways to run kube-bench.
You can run kube-bench inside a pod, but it will need access to the host's PID namespace in order to check the running processes, as well as access to some directories on the host where config files and other files are stored. You can run kube-bench inside a pod, but it will need access to the host's PID namespace in order to check the running processes, as well as access to some directories on the host where config files and other files are stored.