Aqua News Aqua’s Kube-Bench Wins 2018 InfoWorld Bossie Award for Best Open Source Software

Kube-Bench enables organizations to quickly and easily secure their Kubernetes environments

BOSTON, MA – September 28, 2018Aqua Security, a leading platform provider for securing container-based and cloud-native applications, today announced the editorial team at IDG’s InfoWorld has selected Aqua’s open source kube-bench as a winner of the annual InfoWorld Bossie Awards, which recognize the best business-oriented open source software products. Kube-bench, an open source tool for running the Center for Internet Security’s (CIS) benchmark tests for Kubernetes, is included in the Best Open Source Software for Cloud Computing category.

Aqua’s kube-bench automatically determines whether Kubernetes is deployed according to the CIS benchmark, which provides a number of security best practices and tests for establishing a secure configuration posture for Kubernetes. Kube-bench is written as a Go application and distributed as a container, but each individual test is defined in a YAML file, which makes it easier to extend and update the test suite as both the benchmark, and Kubernetes itself, evolves.

Like other CIS Benchmark tests, users run kube-bench on each node to establish how well a deployment meets the best practice recommendations from the CIS community. Kube-bench provides both detailed information about whether each test passes or fails, and advice on how to remediate any issues such as changing or removing an insecure configuration setting on one of the Kubernetes executables.

Users will immediately see whether their setups conform to best practices in key areas, including:

  • Proper user authentication and authorization
  • Securing data in transit
  • Securing data at rest
  • Using least privileges

“As more organizations use Kubernetes to orchestrate their cloud deployments, a growing number of new administrators need to quickly get up to speed on the key considerations for reliability and security,” said Liz Rice, Aqua’s Technology Evangelist and a maintainer for the kube-bench project. “At more than 250 pages, the CIS Kubernetes benchmark is a very helpful, yet very long, document. Aqua’s kube-bench greatly simplifies the process of running all of the checks in the benchmark to help ensure a strong security posture.”

Supporting the Open Source Community

Aqua is an active participant in the open source community around Kubernetes security. The company has also released the kube-hunter project which searches for security weaknesses in Kubernetes clusters. Kube-hunter provides discovery and penetration testing capabilities to enable security teams to find Kubernetes installations in their environments, and assess them for potential security risks. It also provides suggestions on remediation for a wide range of vulnerabilities.

Both kube-bench and kube-hunter are open source projects and Aqua welcomes the community’s feedback and ideas for improvement, as well as pull requests.

About Aqua Security

Aqua Security enables enterprises to secure their container and cloud-native applications from development to production, accelerating application deployment and bridging the gap between DevOps and IT security. Aqua’s Container Security Platform provides full visibility into container activity, allowing organizations to detect and prevent suspicious activity and attacks in real time. Integrated with container lifecycle and orchestration tools, the Aqua platform provides transparent, automated security while helping to enforce policy and simplify regulatory compliance. Aqua was founded in 2015 and is backed by Lightspeed Venture Partners, Microsoft Ventures, TLV Partners, and IT security leaders, and is based in Israel and Boston, MA.  For more information, visit www.aquasec.com or follow us on twitter.com/AquaSecTeam.