Download PDF version Contact company

Aqua Security, the pioneer in cloud-native security, announced that Aqua Trivy, the world’s most popular unified security scanner, now provides full compliance scanning for CIS Kubernetes Benchmarks. With one comprehensive tool for security and compliance scanning, companies can eliminate friction and more confidently build and maintain secure cloud-native applications. 

Established by the Centre for Internet Security (CIS), these benchmarks are widely adopted as the standard for Kubernetes security. Companies running Kubernetes strive to adhere to these recommendations for configuring Kubernetes clusters and workloads.

CIS compliance scanning

Aqua Trivy brings the unique ability to perform the complete CIS Kubernetes benchmarks scan

Aqua had previously built Kube-bench, an industry-pioneering open-source tool for CIS compliance scanning, and now, these capabilities are integrated into Trivy for more comprehensive scanning and rich reporting.  

Aqua Kube-bench is a tremendous success and widely adopted in the Kubernetes ecosystem. We appreciate the community for using, promoting and contributing to the project. With Trivy covering more Kubernetes security scenarios, it made sense to merge kube-bench into Trivy,” said Itay Shakury, VP of Open Source for Aqua Security. “We believe kube-bench users will benefit greatly from moving to Trivy, which provides better CIS benchmark results in addition to many other security features.”

CIS Kubernetes benchmarks scan

Aqua Trivy brings the unique ability to perform the complete CIS Kubernetes benchmarks scan, including scans on the Kubernetes nodes themselves. Scans are performed automatically and result in detailed reports with recommendations for improving the architecture and workloads scanned based on CIS Kubernetes Benchmarks. It also supports NSA and Pod Security Standards (PSS) compliance scans, so teams can be sure their cloud native environments are fully protected and compliant. 

Additional benefits include:

  • Community support — Users can rely on Aqua Trivy’s massive open-source community for support, resources and feature development.
  • Superior developer experience — Trivy is easy to implement and manage. It either be used as a CLI tool on local machines, in CI pipelines or run as a Kubernetes Operator inside the cluster for continuous scans. And users have access to Trivy integrations with other cloud-native tools, such as Grafana for reporting.
  • Rich detail — Trivy unifies multiple scanners for cloud-native security, including vulnerability, workload misconfiguration, secret scanning, and more, to provide the most detailed results and recommendations possible.

Cloud-native applications

Trivy is built on the largest cloud-native security community

Trivy is the most comprehensive, easy-to-use open-source vulnerability and risk scanner for cloud-native environments, covering more languages, OS packages and application dependencies than any other open-source scanner. It provides fast, stateless scanning with no prerequisites for installation and delivers highly accurate results with broad coverage. 

With Trivy, developers, DevOps and DevSecOps have a more efficient, simplified tool for scanning source code, repositories, images, artefact registries, IaC templates and Kubernetes environments — all to secure cloud-native applications. 

Trivy is built on the largest cloud-native security community, and with tens of thousands of users and over 20,000 combined GitHub stars, it is also the most popular cloud-native vulnerability and risk scanner in the world and has been adopted by leading cloud platform providers and for DevOps projects like GitLab, Artefact Hub, and Harbour.

Download PDF version Download PDF version

In case you missed it

How can the industry do a better job of promoting emerging technologies in physical security environments?
How can the industry do a better job of promoting emerging technologies in physical security environments?

By all accounts, technology development is moving at a rapid pace in today's markets, including the physical security industry. However, market uptake of the newest technologies ma...

Dahua & KITT Engineering's LED screen innovations
Dahua & KITT Engineering's LED screen innovations

About a year and a half ago, Peter de Jong introduced Dahua to Fred Koks, General Manager of KITT Engineering. Since then, Dahua, KITT Engineering, and Ocean Outdoor have complete...

Protect assets with BCD's hybrid cloud NVR solutions
Protect assets with BCD's hybrid cloud NVR solutions

Like any retail franchise, car dealerships that have multiple locations nationwide require comprehensive, reliable, and scalable video surveillance solutions to protect their busin...

Quick poll
What is the most significant challenge facing smart building security today?