StackRox has released KubeLinter, a new open source static analysis tool that identifies misconfigurations in Kubernetes deployments.

KubeLinter enables the Kubernetes community to automate the analysis of Kubernetes YAML files and Helm charts prior to deployment into a cluster. The idea is to validate that Kubernetes has been configured following security best practices.

Automating this analysis enhances developer productivity and integrates security-as-code with DevOps and DevSecOps processes. It also ensures the automatic enforcement of hardened security policies for Kubernetes applications.

KubeLinter enables users to treat configurations as code and build security into the application development process earlier.

In contrast to Kubernetes defaults, KubeLinter’s defaults are security-centric, so users have to explicitly opt in to configure Kubernetes in a manner that is considered insecure.

The built-in checks provided by KubeLinter can be extended to include custom checks for many Kubernetes configuration parameters.

As an open source tool available under the Apache 2.0 license, users will also be able to contribute to the project by extending KubeLinter with additional checks for community use.
