APACHE-2.0 License
Kubernetes-native security toolkit. (Documentation)
There are lots of security tools in the cloud native world, created by Khulnasoft and by others, for identifying and informing users about security issues in Kubernetes workloads and infrastructure components. However powerful and useful they might be, they tend to sit alongside Kubernetes, with each new product requiring users to learn a separate set of commands and installation steps in order to operate them and find critical security information.
The Vul-Operator leverages vul security tools by incorporating their outputs into Kubernetes CRDs (Custom Resource Definitions) and from there, making security reports accessible through the Kubernetes API. This way users can find and view the risks that relate to different resources in what we call a Kubernetes-native way.
The Vul operator automatically updates security reports in response to workload and other changes on a Kubernetes cluster, generating the following reports:
Please star ⭐ the repo if you want us to continue developing and improving vul-operator! 😀
Although we are trying to keep new releases backward compatible with previous versions, this project is still incubating, and some APIs and Custom Resource Definitions may change.
The official Documentation provides detailed installation, configuration, troubleshooting, and quick start guides.
You can install the Vul-operator Operator with Static YAML Manifests and follow the Getting Started guide to see how vulnerability and configuration audit reports are generated automatically.
At this early stage we would love your feedback on the overall concept of Vul-Operator. Over time, we'd love to see contributions integrating different security tools so that users can access security information in standard, Kubernetes-native ways.
Vul-Operator is an Khulnasoft Security open source project. Learn about our Open Source Work and Portfolio. Join the community, and talk to us about any matter in GitHub Discussions or Slack.