KTE is an open source Kubernetes testing environment for the major cloud providers’ Kubernetes services: Amazon Elastic Kubernetes Service (EKS), Google Kubernetes Engine (GKE), and Azure Kubernetes Service (AKS).
It provides a safe and controlled space for discovering issues and vulnerabilities in Kubernetes configurations before they make it to production. KTE allows for the simulation of different attack scenarios, testing of security patches, and evaluation of how effective security configurations and policies are.
Currently, the project supports testing with several Kubernetes security tools, including Polaris, Kor, Trivy Operator, Kubesec, Checkov, and kube-score.
The results of the tests are displayed in an intuitive web-based dashboard to provide better visibility into any issues that are found.
KTE was developed by a research team at Orca Security, which is a cloud security platform, and was just open sourced earlier this week.
According to the company, they created the project because while Kubernetes is essential for managing complex container environments, “the management of complex containerization environments also introduces significant security challenges. The intricate configuration options, extensive permissions, and numerous components can create vulnerabilities if not managed correctly.”
Read about other recent Open-Source Projects of the Week:
Authentik | Dapr | Infisical | Cloudforet | Maestro | Snipe-IT
