[mcdan]

Another tool that can help here: https://github.com/aquasecurity/kube-bench

[jaytaylor]

This looks potentially very useful, thanks for sharing!

There appear to be several of these worth investigating. Ordered by highest to lowest apparent activity level and update frequency:

https://github.com/aquasecurity/kube-bench (Go)

https://github.com/neuvector/kubernetes-cis-benchmark (Bash)

https://github.com/dev-sec/cis-kubernetes-benchmark (Ruby)

[raesene9]

I'll add https://github.com/nccgroup/kube-auto-analyzer to that list (disclaimer, I for my sins, wrote it :) )

[kylegalbraith]

This is quite useful, thank you for pointing me in this direction!

[aboutsimon]

Super useful thanks, added it to the guide