Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

StackRox Releases Open Source Tool for Finding Kubernetes Misconfigurations

Container and Kubernetes security company StackRox on Wednesday announced the release of KubeLinter, an open source tool designed to help users identify misconfigurations in Kubernetes deployments.

Container and Kubernetes security company StackRox on Wednesday announced the release of KubeLinter, an open source tool designed to help users identify misconfigurations in Kubernetes deployments.

KubeLinter is a static analysis tool that checks YAML files, which store configuration data for Kubernetes applications, to ensure that security best practices are followed.

A study conducted recently by StackRox showed that a majority of Kubernetes-related incidents are caused by human error, with misconfigurations being cited in two-thirds of cases.

Checking configurations is typically done manually, but the company says it’s not an easy process and it often results in errors. KubeLinter, which is a command-line tool, aims to address this by automating the process of checking YAML files and Helm charts (used to manage configurations) before they are deployed in a Kubernetes cluster.

The tool has built-in checks for common misconfigurations, such as ensuring that the least privileges principle is applied, following good label hygiene, ensuring that it’s not running as root, the presence of readiness probes, and the use of resource requirements. Custom checks can also be created by users.

KubeLinter can be run on developer machines, but it can also be integrated into an organization’s continuous integration (CI) systems.

“We developed KubeLinter to provide the Kubernetes community with a better, more automated way to identify misconfigurations and deviations from best practices that limit organizations from realizing the full potential of cloud-native applications,” said Ali Golshan, StackRox co-founder and CTO. “Releasing KubeLinter as an open source tool will ultimately help Kubernetes users create hardened environments that are increasingly resistant to the inherent risks generated by the frequent configuration changes common in development practices.”

The KubeLinter source code is available on GitHub and the Kubernetes community has been invited to contribute to the tool, which is currently described as being in a very early stage of development.

Advertisement. Scroll to continue reading.

StackRox has also released a short video explaining why it created KubeLinter and how users can contribute to the project.

StackRox recently raised $26.5 million in funding, bringing the total investment secured by the company to $61 million.

Related: BlackBerry Releases Open Source Reverse Engineering Tool

Related: Adobe Open Sources Tool for Sanitizing Logs, Detecting Exposed Credentials

Related: Google Releases Open Source Tool for Finding File Access Vulnerabilities

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.