Skip to content

m9sweeper/m9sweeper

Repository files navigation

logo

m9sweeper

Kubernetes Security for Everyone!

contributors last update forks stars open issues license


📔 Table of Contents

🌟 About the Project

m9sweeper is a free and easy kubernetes security platform. It integrates industry standard open source utilities into a one-stop-shop kubernetes security tool that can walk most kubernetes adminstrators through securing a kubernetes cluster as well as the apps running on the cluster.

📷 Features in Action

m9sweeper-features-gif

🎯 Features

m9sweeper makes securing a cluster easy with:

  • CVE Scanning
  • Enforcement of CVE Scanning Rules
  • Reports and Dashboards, including historical reporting to see how your security posture has changed over time
  • CIS Security Benchmarking
  • Pen Testing
  • Deployment Coaching
  • Intrusion Detection
  • Gatekeeper Policy Management

🧰 Toolbox

m9sweeper makes it easy to orchestrate the implementation of a number of free security tools:

Trivy: CVE Scanner

Kubesec: Deployment Best Practices

kube-bench: CIS Benchmarks

OPA Gatekeeper: Compliance and Security Policies

kube-hunter: Cluster Penetration Testing

Project Falco: Intrusion Detection

‼️ Prerequisites

This project requires a Kubernetes Cluster and uses helm as package manager

Installing Kubernetes Locally with Minikube
Mac: Install from terminal
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-darwin-amd64
sudo install minikube-darwin-amd64 /usr/local/bin/minikube

Windows: Install with chocolatey and install a bash client
choco install minikube
choco install git

Both: Start Kubernetes
minikube start --cni calico --kubernetes-version=v1.23.16
kubectl get pods --all-namespaces

More at  https://minikube.sigs.k8s.io/docs/start/

⚙️ Quick Installation

While our documentation has more details, installing m9sweeper can be as simple as running a few CLI commands to install it into your own kubernetes cluster with helm.

helm repo add m9sweeper https://m9sweeper.github.io/m9sweeper && \
helm repo update && \
helm upgrade m9sweeper m9sweeper/m9sweeper --install --wait \
  --create-namespace --namespace m9sweeper-system \
  --set-string dash.init.superAdminEmail="super.admin@m9sweeper.io" \
  --set-string dash.init.superAdminPassword="password" \
  --set-string global.jwtSecret="changeme" \
  --set-string global.apiKey="YOUR-API-KEY"

👋 Contributing

The initial project was created by team members at Intelletive Consulting at times when projects were slow or to train new members, but we hope others will contribute as well. Thanks goes to these wonderful people (emoji key):

Jacob Beasley
Jacob Beasley

💻 📖 🔬 📆 🚇
jasonWoodman
jasonWoodman

💻 📖 🔬 📆 🚇
Brandan Schmitz
Brandan Schmitz

💻 🚇 📖
KBerndt10
KBerndt10

💻 🚇
beckysaunders94
beckysaunders94

💻
Farhan Tanvir
Farhan Tanvir

💻
jshoberg
jshoberg

💻
charisprose
charisprose

💻 ⚠️
Gazi Tarique Mahmud
Gazi Tarique Mahmud

💻
Shibly
Shibly

💻
sabbirali
sabbirali

💻
Grant Keiner
Grant Keiner

💻
grantoenges
grantoenges

💻
Maggie Tian
Maggie Tian
💻
Rakibul Rushel
Rakibul Rushel
💻
Jobayer Ahmed
Jobayer Ahmed
💻
Steve Gagnon
Steve Gagnon
💻
Khorshed Alam
Khorshed Alam
💻
Koti Vellanki
Koti Vellanki
💻
Sahil Narang
Sahil Narang
💻 🚇
Shahriya Siddique
Shahriya Siddique
💻
Raiyan Prodhan
Raiyan Prodhan
💻
Kristin Sandness
Kristin Sandness
💻
Samer Sarker
Samer Sarker
💻

This project follows the all-contributors specification. Contributions of any kind welcome!

Feature Requests

If you have feature requests, please submit them as github issues and prefix the request with "Feature Request:". If you find the feature has already been requested, then please upvote that feature so we know it is a feature that others are looking for.

This helps us to prioritize further feature development based upon the needs of our users.

⚠️ License

Distributed under the Apache License v2. See LICENSE.txt for more information.

🤝 Contact

Official website - @official_website

Project Link: https://github.com/m9sweeper/m9sweeper