Checkov is an infrastructure as code scanning tool which provides static code analysis for infrastructure prior to deploying. Since Kubernetes resources can be defined as code in runtime, Checkov can be used for scanning in runtime. A caveat to this is that typically checkov reports on the file that is not compliant, but in runtime there is no concept of files.
Checkov can be deployed in Kubernetes as a Job to get immediate feedback on the state of resources in your cluster.
kubectl apply -f https://raw.githubusercontent.com/bridgecrewio/checkov/master/kubernetes/checkov-job.yaml
Review the output of the job.
kubectl get jobs -n checkov
kubectl logs job/checkov -n checkov