Skip to content

Latest commit

 

History

History
96 lines (73 loc) · 5.1 KB

README.md

File metadata and controls

96 lines (73 loc) · 5.1 KB

Starboard logo

Kubernetes-native security toolkit.

GitHub Release GitHub Build Actions Coverage Status Go Report Card License GitHub All Releases Docker Pulls Starboard Docker Pulls Starboard Operator

Introduction

Starboard integrates security tools into the Kubernetes environment, so that users can find and view the risks that relate to different resources in a Kubernetes-native way. Starboard provides Custom Resource Definitions and a Go module to work with a range of existing security scanners, as well as a kubectl-compatible command, the Octant Plugin, and the Lens Extension that make security reports available through familiar Kubernetes tools.

Starboard Overview

Starboard provides:

  • Automated vulnerability scanning for Kubernetes applications.
  • Automated configuration audits for Kubernetes resources with predefined rules or custom Open Policy Agent (OPA) policies.
  • Automated infrastructures scanning and compliance checks with CIS Benchmarks published by the Center for Internet Security (CIS).
  • Penetrations test results for a Kubernetes cluster.

Starboard can be run in two different modes:

  • As a Kubernetes operator to automatically update security reports in response to workload and other changes on a Kubernetes cluster - for example, initiating a vulnerability scan when a new Pod is started or running CIS Benchmarks when a new Node is added.
  • As a command, so you can trigger scans and view the risks in a kubectl-compatible way or as part of your CI/CD pipeline.

You can read more about the motivations and use cases in this blog and join our discussions.

Status

This project is incubating and the APIs are not considered stable.

Documentation

The official documentation, which provides detailed installation, configuration, and quick start guides, is available at https://aquasecurity.github.io/starboard/.

Try the Getting Started guide to install the Starboard command and generate your first vulnerability report.

Contributing

At this early stage we would love your feedback on the overall concept of Starboard. Over time we'd love to see contributions integrating different security tools so that users can access security information in standard, Kubernetes-native ways.

  • See CONTRIBUTING.md for information about setting up your development environment, and the contribution workflow that we expect.
  • See ROADMAP.md for tentative features in a 1.0 release.
  • Join our discussions.

Starboard is an Aqua Security open source project.
Learn about our open source work and portfolio here.
Contact us about any matter by opening a GitHub Discussion here.