CIS Kubernetes benchmark
Estimated reading time: 1 minuteThe Center for Internet Security (CIS) Kubernetes Benchmark is a reference document that can be used by system administrators, security and audit professionals and other IT roles to establish a secure configuration baseline for Kubernetes. CIS Benchmarks are developed by an open community of security practitioners and licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 Internal Public License.
The latest benchmark for Kubernetes 1.8 (CIS Benchmark v1.2.0) can be found here. This benchmark can be used to harden the Kubernetes components that are made available as part of the upcoming release of Docker Enterprise Edition (18.01).
Below is a list of tools and resources that can be used to automate the validation of an instance of Kubernetes against the CIS Kubernetes Benchmark: