Container and Kubernetes safety firm StackRox on Wednesday introduced the discharge of KubeLinter, an open supply software designed to assist customers establish misconfigurations in Kubernetes deployments.
KubeLinter is a static evaluation software that checks YAML recordsdata, which retailer configuration knowledge for Kubernetes purposes, to make sure that safety greatest practices are adopted.
A research carried out not too long ago by StackRox confirmed {that a} majority of Kubernetes-related incidents are brought on by human error, with misconfigurations being cited in two-thirds of instances.
Checking configurations is usually achieved manually, however the firm says it’s not a straightforward course of and it typically ends in errors. KubeLinter, which is a command-line software, goals to handle this by automating the method of checking YAML recordsdata and Helm charts (used to handle configurations) earlier than they’re deployed in a Kubernetes cluster.
The software has built-in checks for widespread misconfigurations, similar to guaranteeing that the least privileges precept is utilized, following good label hygiene, guaranteeing that it’s not operating as root, the presence of readiness probes, and the usage of useful resource necessities. Customized checks may also be created by customers.
KubeLinter will be run on developer machines, however it may also be built-in into a company’s steady integration (CI) techniques.
“We developed KubeLinter to offer the Kubernetes neighborhood with a greater, extra automated technique to establish misconfigurations and deviations from greatest practices that restrict organizations from realizing the complete potential of cloud-native purposes,” mentioned Ali Golshan, StackRox co-founder and CTO. “Releasing KubeLinter as an open supply software will finally assist Kubernetes customers create hardened environments which might be more and more immune to the inherent dangers generated by the frequent configuration modifications widespread in growth practices.”
The KubeLinter supply code is on the market on GitHub and the Kubernetes neighborhood has been invited to contribute to the software, which is at present described as being in a really early stage of growth.
StackRox has additionally launched a brief video explaining why it created KubeLinter and the way customers can contribute to the challenge.
StackRox not too long ago raised $26.5 million in funding, bringing the overall funding secured by the corporate to $61 million.
Associated: BlackBerry Releases Open Supply Reverse Engineering Software
Associated: Adobe Open Sources Software for Sanitizing Logs, Detecting Uncovered Credentials
Associated: Google Releases Open Supply Software for Discovering File Entry Vulnerabilities
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He labored as a highschool IT instructor for 2 years earlier than beginning a profession in journalism as Softpedia’s safety information reporter. Eduard holds a bachelor’s diploma in industrial informatics and a grasp’s diploma in laptop methods utilized in electrical engineering.
Tags: stackrox user guide,stackrox customers,stackrox executive team,stackrox license,stackrox benefits,staxrox
