StackRox Releases KubeLinter
October 28, 2020

StackRox announced the release of KubeLinter, its new open source static analysis tool to identify misconfigurations in Kubernetes deployments.

KubeLinter offers the ability to automate the analysis of Kubernetes YAML files and Helm charts prior to deployment into a cluster to validate that Kubernetes has been configured following security best practices. This enhances developer productivity, integrating security-as-code with DevOps and DevSecOps processes while ensuring the automatic enforcement of hardened security policies for Kubernetes applications.

“We developed KubeLinter to provide the Kubernetes community with a better, more automated way to identify misconfigurations and deviations from best practices that limit organizations from realizing the full potential of cloud-native applications,” said Ali Golshan, StackRox co-founder and CTO. “Releasing KubeLinter as an open source tool will ultimately help Kubernetes users create hardened environments that are increasingly resistant to the inherent risks generated by the frequent configuration changes common in development practices.”

KubeLinter provides an automated means to carry out configuration checks, a complex, error-prone process traditionally done manually. KubeLinter can also be integrated into continuous integration (CI) systems to simplify how changes are proposed and made to YAML files and Helm charts by developers and security teams.

“If you’ve spent time crafting Kubernetes YAML files, you know it can be pretty arduous – there are so many different objects, so many knobs and dials, so many cross-references to keep track of,” said Viswajith Venugopal, StackRox Software Engineer and Lead Developer of KubeLinter. “Further, in most cases, default configurations for Kubernetes objects are geared towards making it easy for users to get their apps up-and-running quickly, and not for secure, production-ready configurations. KubeLinter is our answer to this problem.”

KubeLinter enables users to treat configurations as code and build security into the application development process earlier. In contrast to Kubernetes defaults, KubeLinter’s defaults are security-centric, so users will have to explicitly opt-in to configure Kubernetes in a manner that is considered insecure. The built-in checks provided by KubeLinter can be easily extended to include custom checks for many Kubernetes configuration parameters. As an open source tool available under the Apache 2.0 license, users will also be able to contribute to the project by extending KubeLinter with additional checks for community use.

Share this

Industry News

December 02, 2020

Amazon Web Services (AWS), an Amazon.com company, announced Amazon DevOps Guru, a fully-managed operations service that uses machine learning to make it easier for developers to improve application availability by automatically detecting operational issues and recommending specific actions for remediation.

December 02, 2020

Salesforce and Slack Technologies have entered into a definitive agreement under which Salesforce will acquire Slack.

December 02, 2020

Kasten by Veeam announced Kasten K10 v3.0.

December 02, 2020

Mattermost announced the launch of Mattermost Cloud, a new SaaS platform that is designed to optimize collaboration for DevOps teams and privacy-conscious enterprises.

December 01, 2020

CloudBees announced a virtual launch event on December 10 to formally release the first two modules of its Software Delivery Management solution: CloudBees Engineering Efficiency and CloudBees Feature Management.

December 01, 2020

GitOps creator Weaveworks announced the availability of release 2.4 of Weave Kubernetes Platform (WKP).

December 01, 2020

Adaptavist has joined the Sonatype partner program as a Platinum Enterprise Partner.

November 30, 2020

Shipa is open sourcing Ketch, Shipa's deployment engine, under Apache License Version 2.0.

November 30, 2020

Portworx by Pure Storage announced its qualification and support of Portworx Enterprise for Google Cloud's Anthos on bare metal.

November 30, 2020

SnapLogic now supports SaaS contracts in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).

November 24, 2020

Red Hat announced new capabilities and features for Red Hat OpenShift, the company's enterprise Kubernetes platform.

November 24, 2020

Sectigo released Chef, Jenkins, JetStack Cert-Manager, Puppet, and SaltStack integrations for its certificate management platform.

November 24, 2020

DataStax released K8ssandra, an open-source distribution of Apache Cassandra on Kubernetes.

November 23, 2020

Spectro Cloud has released a new, self-hosted version of its flagship product, Spectro Cloud.

November 23, 2020

GitLab completed integration of Peach Tech, a security software firm specializing in protocol fuzz testing and dynamic application security testing (DAST) API testing, and Fuzzit, a continuous fuzz testing solution providing coverage-guided testing.