Kubernetes Static Analysis Smackdown - TerraScan, Checkov, Kube-Linter & KubeSec | Way of the Future
Kubernetes YAML manifests are the backbone of deploying on Kubernetes. However, security misconfigurations in these manifests can introduce vulnerabilities that lead to your Kubernetes cluster getting compromised.

YAML manifest linters, or static analysis tools, help us identify security issues in our Kubernetes manifests. If we catch these issues early in our CI/CD pipeline with such tools, we can fix them before they become real problems.

In this segment of AppSecEngineer's "Way of the Future", Abhay Bhargav compares 4 Kubernetes static analysis or linting tools from a security perspective.

These tools are:

* Terrascan from Accurics
* Kube-Linter from StackRox
* Checkov from BridgeCrew
* KubeSec from ControlPlane.io

All of these tools are open source and are meant to analyze Kubernetes manifests for security vulnerabilities.