Aqua Security has made its new Kube-hunter open-source tool generally available, enabling organizations to conduct penetration tests against Kubernetes container orchestration deployments.
Kube-hunter’s release was officially announced on Aug.17, with project code freely available on GitHub. Rather than looking for vulnerabilities inside of container images, what Kube-hunter does is it looks for exploitable vulnerabilities in the configuration and deployment of Kubernetes clusters. The project code is open-source and can be run against an organization’s own clusters, with additional online reporting capabilities provided by Aqua Security.