This week’s selected open-source project of the week is a Kubernetes toolkit from Aqua Security called Starboard. Starboard integrates Kubernetes tools into the Kubernetes experience in order to provide a unified security experience.
“What if all the Kubernetes security tools spoke the same language that everyone knows and understands? Similar to the standardized and well-known Pod spec, we could come up with the schema for a vulnerability, a risk assessment check, a black- or white-listed vulnerability, or maybe even a scanner config. What if you could combine the results from different tools to give an easy-to-understand overview of current security status? This would allow security vendors to focus on what they do best, while others could consume the data in the homogeneous format,” Liz Rice, vice president of Open Source Engineering at Aqua Security wrote in a post.
The first release of Starboard, which was announced last week, offers a kubectl plugin, set of custom security resource definitions, a Go module, and an Octant plugin.
Users will be able to use Starboard to access security information such as vulnerability information, workload audits, CIS benchmark results, and pen-testing results.
Plans for Starboard’s future include creating a Starboard Security Operator that includes security risk information across clusters. Aqua Security also hopes to add a Starboard Admission Webhook that can take policy decisions from security information provided by supported CRDs.
Starboard can be viewed on GitHub here.