k8s合规

https://hub.steampipe.io/mods/turbot/aws_compliance/controls/benchmark.cis_v150https://www.armosec.io/blog/kubernetes-hardening-guidance-summary-by-armo/?utm_source=github&utm_medium=repositoryhttps:/

信安成长日记

461人浏览 · 2023-07-24 11:38:23

信安成长日记 · 2023-07-24 11:38:23 发布

https://www.armosec.io/blog/kubernetes-hardening-guidance-summary-by-armo/?utm_source=github&utm_medium=repository

CIS

CIS WorkBench / Home (cisecurity.org) 可以注册看CIS条例

CIS Downloads (cisecurity.org)

adeliarisk.com/wp-content/uploads/2021/02/ea379fb337eb5d3def3e80339a91ff90.pdf

GitHub - mez-0/cis-benchmarks: CIS Benchmarks as of 20/05/2020

Center for Internet Security (CIS) Benchmarks (adeliarisk.com)

HIPPA

Best Practices for Kubernetes Compliance Under HIPAA | ARMO (armosec.io)

https://storage.pardot.com/799323/16758742307JCwZvhM/CIS_Controls_v8_Mapping_to_HIPAA_2_2023.xlsx

HIPAA Compliance Checklist - What Is HIPAA Compliance? (atlantic.net)

The Security Rule | HHS.gov

eCFR :: 45 CFR Subtitle A Subchapter C -- Administrative Data Standards and Related Requirements

GDPR

General Data Protection Regulation (GDPR) – Official Legal Text (gdpr-info.eu)

Kubernetes Compliance under GDPR | ARMO (armosec.io)

从GDPR看企业数据安全合规建设 (renrendoc.com)

A Guide to GDPR Compliance for Containers and the Cloud – Sysdig

Achieve and Enforce GDPR Compliance for Containers & Kubernetes (neuvector.com)

AWS GDPR compliance with Sysdig Secure – Sysdig

Kubernetes Compliance under GDPR | ARMO (armosec.io)

Preparing Container-Based Applications for GDPR: What You Need to Know (aquasec.com)

GDPR Compliance and Kubernetes Environments (cyberlands.io)

Preparing Container-Based Applications for GDPR: What You Need to Know (aquasec.com)

PCI-DSS

PCI Compliance for Containers and Kubernetes – Sysdig

listings.pcisecuritystandards.org/documents/PCI_DSS-QRG-v3_2_1.pdf

Payment Card Industry Data Security Standard (pcisecuritystandards.org)

Containers and PCI DSS: 10 requirements financial services must follow - FinTech Futures

PCI & CIS: Partners in Data Security (cisecurity.org)

PCI DSS Prioritized Approach for PCI DSS 3.2 (pcisecuritystandards.org)

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (nist.gov)

NIST 800-53 compliance for containers and Kubernetes | Sysdig

Application Container Security Guide (nist.gov)NIST SP800-190（中文版） - 道客巴巴 (doc88.com)

11 种微服务和容器安全最佳实践（下） - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com

等保2.0 VS NIST800-53之账户管理 | SDNLAB | 专注网络创新技术

NIST SP 800-190 Application Container Security | Sysdig

GUIDE. NIST 800-190 Application Security Guide Checklist (lookbookhq.com)

工具

GitHub - prowler-cloud/prowler: Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.

K8S/Kubernetes

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐

【深度】阿里巴巴万级规模 K8s 集群全局高可用体系之美

作者 | 韩堂、柘远、沉醉来源 | 阿里巴巴云原生公众号前言台湾作家林清玄在接受记者采访的时候，如此评价自己 30 多年写作生涯：“第一个十年我才华横溢，‘贼光闪现’，令周边黯然失色；第二个十年，我终于‘宝光现形’，不再去抢风头，反而与身边的美丽相得益彰；进入第三个十年，繁华落尽见真醇，我进入了‘醇光初现’的阶段，真正体味到了境界之美”。长夜有穷，真水无香。领略过了 K8s“身在江

K8S/Kubernetes

如何基于 K8s 构建下一代 DevOps 平台？

作者 | 孙健波（天元）导读：当前云原生 DevOps 体系现状如何？面临哪些挑战？如何通过 OAM 解决云原生 DevOps 场景下的诸多问题？云原生开发应用模型 OAM(Open Application Model) 社区核心成员孙健波将为大家一一解答，并分享如何基于 OAM 和 Kubernetes 打造无限能力的下一代 DevOps 平台。什么是 DevOps？为什么基于 Kub