[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-5003":3},{"id":4,"name":5,"fullName":6,"owner":5,"repo":5,"description":7,"homepage":8,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":15,"forks30d":15,"starsTrendScore":19,"compositeScore":20,"rankGlobal":9,"rankLanguage":9,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":24,"hasPages":22,"topics":25,"createdAt":9,"pushedAt":9,"updatedAt":33,"readmeContent":34,"aiSummary":35,"trendingCount":15,"starSnapshotCount":15,"syncStatus":36,"lastSyncTime":37,"discoverSource":38},5003,"kubescape","kubescape\u002Fkubescape","Kubescape is an open-source Kubernetes security platform for your IDE, CI\u002FCD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.","https:\u002F\u002Fkubescape.io",null,"Go",11478,951,96,48,0,4,20,82,15,43.94,"Apache License 2.0",false,"master",true,[26,27,28,29,30,31,32],"best-practice","devops","kubernetes","mitre-attack","nsa","security","vulnerability-detection","2026-06-12 02:01:07","[![Version](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fv\u002Frelease\u002Fkubescape\u002Fkubescape)](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fkubescape\u002Freleases)\n[![build](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fkubescape\u002Factions\u002Fworkflows\u002F02-release.yaml\u002Fbadge.svg)](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fkubescape\u002Factions\u002Fworkflows\u002F02-release.yaml)\n[![Go Report Card](https:\u002F\u002Fgoreportcard.com\u002Fbadge\u002Fgithub.com\u002Fkubescape\u002Fkubescape)](https:\u002F\u002Fgoreportcard.com\u002Freport\u002Fgithub.com\u002Fkubescape\u002Fkubescape)\n[![Gitpod Ready-to-Code](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FGitpod-Ready--to--Code-blue?logo=gitpod)](https:\u002F\u002Fgitpod.io\u002F#https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fkubescape)\n[![GitHub](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flicense\u002Fkubescape\u002Fkubescape)](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fkubescape\u002Fblob\u002Fmaster\u002FLICENSE)\n[![CNCF](https:\u002F\u002Fshields.io\u002Fbadge\u002FCNCF-Incubating%20project-blue?logo=linux-foundation&style=flat)](https:\u002F\u002Flandscape.cncf.io\u002F?item=provisioning--security-compliance--kubescape)\n[![Artifact HUB](https:\u002F\u002Fimg.shields.io\u002Fendpoint?url=https:\u002F\u002Fartifacthub.io\u002Fbadge\u002Frepository\u002Fkubescape)](https:\u002F\u002Fartifacthub.io\u002Fpackages\u002Fsearch?repo=kubescape)\n[![FOSSA Status](https:\u002F\u002Fapp.fossa.com\u002Fapi\u002Fprojects\u002Fgit%2Bgithub.com%2Fkubescape%2Fkubescape.svg?type=shield&issueType=license)](https:\u002F\u002Fapp.fossa.com\u002Fprojects\u002Fgit%2Bgithub.com%2Fkubescape%2Fkubescape?ref=badge_shield&issueType=license)\n[![OpenSSF Best Practices](https:\u002F\u002Fwww.bestpractices.dev\u002Fprojects\u002F6944\u002Fbadge)](https:\u002F\u002Fwww.bestpractices.dev\u002Fprojects\u002F6944)\n[![OpenSSF Scorecard](https:\u002F\u002Fapi.securityscorecards.dev\u002Fprojects\u002Fgithub.com\u002Fkubescape\u002Fkubescape\u002Fbadge)](https:\u002F\u002Fsecurityscorecards.dev\u002Fviewer\u002F?uri=github.com\u002Fkubescape\u002Fkubescape)\n[![Docs](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fdocs-latest-brightgreen?logo=gitbook)](https:\u002F\u002Fkubescape.io\u002Fdocs\u002F)\n[![Stars](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002Fkubescape\u002Fkubescape?style=social)](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fkubescape\u002Fstargazers)\n[![Twitter Follow](https:\u002F\u002Fimg.shields.io\u002Ftwitter\u002Ffollow\u002Fkubescape?style=social)](https:\u002F\u002Ftwitter.com\u002Fkubescape)\n[![Slack](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fslack-kubescape-blueviolet?logo=slack)](https:\u002F\u002Fcloud-native.slack.com\u002Farchives\u002FC04EY3ZF9GE)\n\n# Kubescape\n\n\u003Cpicture>\n  \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"https:\u002F\u002Fraw.githubusercontent.com\u002Fcncf\u002Fartwork\u002Fmaster\u002Fprojects\u002Fkubescape\u002Fstacked\u002Fwhite\u002Fkubescape-stacked-white.svg\" width=\"150\">\n  \u003Csource media=\"(prefers-color-scheme: light)\" srcset=\"https:\u002F\u002Fraw.githubusercontent.com\u002Fcncf\u002Fartwork\u002Fmaster\u002Fprojects\u002Fkubescape\u002Fstacked\u002Fcolor\u002Fkubescape-stacked-color.svg\" width=\"150\">\n  \u003Cimg alt=\"Kubescape logo\" align=\"right\" src=\"https:\u002F\u002Fraw.githubusercontent.com\u002Fcncf\u002Fartwork\u002Fmaster\u002Fprojects\u002Fkubescape\u002Fstacked\u002Fcolor\u002Fkubescape-stacked-color.svg\" width=\"150\">\n\u003C\u002Fpicture>\n\n_Comprehensive Kubernetes Security from Development to Runtime_\n\nKubescape is an open-source Kubernetes security platform that provides comprehensive security coverage, from left to right across the entire development and deployment lifecycle. It offers hardening, posture management, and runtime security capabilities to ensure robust protection for Kubernetes environments.\n\nKubescape was created by [ARMO](https:\u002F\u002Fwww.armosec.io\u002F?utm_source=github&utm_medium=repository) and is a [Cloud Native Computing Foundation (CNCF) incubating project](https:\u002F\u002Fwww.cncf.io\u002Fprojects\u002F).\n\n_Please [star ⭐](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fkubescape\u002Fstargazers) the repo if you want us to continue developing and improving Kubescape!_\n\n---\n\n## 📑 Table of Contents\n\n- [Features](#-features)\n- [Demo](#-demo)\n- [Quick Start](#-quick-start)\n- [Installation](#-installation)\n- [CLI Commands](#%EF%B8%8F-cli-commands)\n- [Usage Examples](#-usage-examples)\n- [Architecture](#%EF%B8%8F-architecture)\n- [In-Cluster Operator](#%EF%B8%8F-in-cluster-operator)\n- [Integrations](#-integrations)\n- [Community](#-community)\n- [Changelog](#changelog)\n- [License](#license)\n\n---\n\n## ✨ Features\n\n| Feature | Description |\n|---------|-------------|\n| 🔍 **Misconfiguration Scanning** | Scan clusters, YAML files, and Helm charts against NSA-CISA, MITRE ATT&CK®, and CIS Benchmarks |\n| 🐳 **Image Vulnerability Scanning** | Detect CVEs in container images using [Grype](https:\u002F\u002Fgithub.com\u002Fanchore\u002Fgrype) |\n| 🩹 **Image Patching** | Automatically patch vulnerable images using [Copacetic](https:\u002F\u002Fgithub.com\u002Fproject-copacetic\u002Fcopacetic) |\n| 🔧 **Auto-Remediation** | Automatically fix misconfigurations in Kubernetes manifests |\n| 🛡️ **Admission Control** | Enforce security policies with Validating Admission Policies (VAP) |\n| 📊 **Runtime Security** | eBPF-based runtime monitoring via [Inspektor Gadget](https:\u002F\u002Fgithub.com\u002Finspektor-gadget) |\n| 🤖 **AI Integration** | MCP server for AI assistant integration |\n\n---\n\n## 🎬 Demo\n\n\u003Cimg src=\"docs\u002Fimg\u002Fdemo-v3.gif\" alt=\"Kubescape CLI demo\">\n\n---\n\n## 🚀 Quick Start\n\n### 1. Install Kubescape\n\n```sh\ncurl -s https:\u002F\u002Fraw.githubusercontent.com\u002Fkubescape\u002Fkubescape\u002Fmaster\u002Finstall.sh | \u002Fbin\u002Fbash\n```\n\n> 💡 See [Installation](#-installation) for more options (Homebrew, Krew, Windows, etc.)\n\n### 2. Run Your First Scan\n\n```sh\n# Scan your current cluster\nkubescape scan\n\n# Scan a specific YAML file or directory\nkubescape scan \u002Fpath\u002Fto\u002Fmanifests\u002F\n\n# Scan a container image for vulnerabilities\nkubescape scan image nginx:latest\n```\n\n### 3. Explore the Results\n\nKubescape provides a detailed security posture overview including:\n- Control plane security status\n- Access control risks\n- Workload misconfigurations\n- Network policy gaps\n- Compliance scores (MITRE, NSA)\n\n---\n\n## 📦 Installation\n\n### One-Line Install (Linux\u002FmacOS)\n\n```bash\ncurl -s https:\u002F\u002Fraw.githubusercontent.com\u002Fkubescape\u002Fkubescape\u002Fmaster\u002Finstall.sh | \u002Fbin\u002Fbash\n```\n\n### Package Managers\n\n| Platform | Command |\n|----------|---------|\n| **Homebrew** | `brew install kubescape` |\n| **Krew** | `kubectl krew install kubescape` |\n| **Arch Linux** | `yay -S kubescape` |\n| **Ubuntu** | `sudo add-apt-repository ppa:kubescape\u002Fkubescape && sudo apt install kubescape` |\n| **NixOS** | `nix-shell -p kubescape` |\n| **Chocolatey** | `choco install kubescape` |\n| **Scoop** | `scoop install kubescape` |\n\n### Windows (PowerShell)\n\n```powershell\niwr -useb https:\u002F\u002Fraw.githubusercontent.com\u002Fkubescape\u002Fkubescape\u002Fmaster\u002Finstall.ps1 | iex\n```\n\n📖 **[Full Installation Guide →](docs\u002Finstallation.md)**\n\n---\n\n## 🛠️ CLI Commands\n\nKubescape provides a comprehensive CLI with the following commands:\n\n| Command | Description |\n|---------|-------------|\n| [`kubescape scan`](#scanning) | Scan cluster, files, or images for security issues |\n| [`kubescape scan image`](#image-scanning) | Scan container images for vulnerabilities |\n| [`kubescape fix`](#auto-fix) | Auto-fix misconfigurations in manifest files |\n| [`kubescape patch`](#image-patching) | Patch container images to fix vulnerabilities |\n| [`kubescape list`](#list-frameworks-and-controls) | List available frameworks and controls |\n| [`kubescape download`](#offline-support) | Download artifacts for offline\u002Fair-gapped use |\n| [`kubescape config`](#configuration) | Manage cached configurations |\n| [`kubescape operator`](#operator-commands) | Interact with in-cluster Kubescape operator |\n| [`kubescape vap`](#validating-admission-policies) | Manage Validating Admission Policies |\n| [`kubescape mcpserver`](#mcp-server) | Start MCP server for AI assistant integration |\n| `kubescape completion` | Generate shell completion scripts |\n| `kubescape version` | Display version information |\n\n---\n\n## 📖 Usage Examples\n\n### Scanning\n\n#### Scan a Running Cluster\n\n```bash\n# Default scan (all frameworks)\nkubescape scan\n\n# Scan with a specific framework\nkubescape scan framework nsa\nkubescape scan framework mitre\nkubescape scan framework cis-v1.23-t1.0.1\n\n# Scan a specific control\nkubescape scan control C-0005 -v\n```\n\n#### Scan Files and Repositories\n\n```bash\n# Scan local YAML files\nkubescape scan \u002Fpath\u002Fto\u002Fmanifests\u002F\n\n# Scan a Helm chart\nkubescape scan \u002Fpath\u002Fto\u002Fhelm\u002Fchart\u002F\n\n# Scan a Git repository\nkubescape scan https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fkubescape\n\n# Scan with Kustomize\nkubescape scan \u002Fpath\u002Fto\u002Fkustomize\u002Fdirectory\u002F\n```\n\n#### Scan Options\n\n```bash\n# Include\u002Fexclude namespaces\nkubescape scan --include-namespaces production,staging\nkubescape scan --exclude-namespaces kube-system,kube-public\n\n# Use alternative kubeconfig\nkubescape scan --kubeconfig \u002Fpath\u002Fto\u002Fkubeconfig\n\n# Set compliance threshold (exit code 1 if below threshold)\nkubescape scan --compliance-threshold 80\n\n# Set severity threshold\nkubescape scan --severity-threshold high\n```\n\n#### Output Formats\n\n```bash\n# JSON output\nkubescape scan --format json --output results.json\n\n# JUnit XML (for CI\u002FCD)\nkubescape scan --format junit --output results.xml\n\n# SARIF (for GitHub Code Scanning)\nkubescape scan --format sarif --output results.sarif\n\n# HTML report\nkubescape scan --format html --output report.html\n\n# PDF report\nkubescape scan --format pdf --output report.pdf\n```\n\n### Image Scanning\n\n```bash\n# Scan a public image\nkubescape scan image nginx:1.21\n\n# Scan with verbose output\nkubescape scan image nginx:1.21 -v\n\n# Scan a private registry image\nkubescape scan image myregistry\u002Fmyimage:tag --username user --password pass\n```\n\n#### Using an Offline Grype Database\n```bash\n# Start the offline Grype-DB server (using docker)\ndocker run --rm -p8080:8080 quay.io\u002Fkubescape\u002Fgrype-offline-db:v6-latest\n\n# Scan an image using the offline database:\nkubescape scan image --grype-db-url http:\u002F\u002Flocalhost:8080\u002Fdatabases\u002F nginx:latest\n```\n\n### Auto-Fix\n\nAutomatically fix misconfigurations in your manifest files:\n\n```bash\n# First, scan and save results to JSON\nkubescape scan \u002Fpath\u002Fto\u002Fmanifests --format json --output results.json\n\n# Then apply fixes\nkubescape fix results.json\n\n# Dry run (preview changes without applying)\nkubescape fix results.json --dry-run\n\n# Apply fixes without confirmation prompts\nkubescape fix results.json --no-confirm\n```\n\n### Image Patching\n\nPatch container images to fix OS-level vulnerabilities:\n\n```bash\n# Start buildkitd (required)\nsudo buildkitd &\n\n# Patch an image\nsudo kubescape patch --image docker.io\u002Flibrary\u002Fnginx:1.22\n\n# Specify custom output tag\nsudo kubescape patch --image nginx:1.22 --tag nginx:1.22-patched\n\n# See detailed vulnerability report\nsudo kubescape patch --image nginx:1.22 -v\n```\n\n📖 **[Full Patch Command Documentation →](cmd\u002Fpatch\u002FREADME.md)**\n\n### List Frameworks and Controls\n\n```bash\n# List available frameworks\nkubescape list frameworks\n\n# List all controls\nkubescape list controls\n\n# Output as JSON\nkubescape list controls --format json\n```\n\n### Offline Support\n\nDownload artifacts for air-gapped environments:\n\n```bash\n# Download all artifacts\nkubescape download artifacts --output \u002Fpath\u002Fto\u002Foffline\u002Fdir\n\n# Download a specific framework\nkubescape download framework nsa --output \u002Fpath\u002Fto\u002Fnsa.json\n\n# Scan using downloaded artifacts\nkubescape scan --use-artifacts-from \u002Fpath\u002Fto\u002Foffline\u002Fdir\n```\n\n### Configuration\n\n```bash\n# View current configuration\nkubescape config view\n\n# Set account ID\nkubescape config set accountID \u003Cyour-account-id>\n\n# Delete cached configuration\nkubescape config delete\n```\n\n### Operator Commands\n\nInteract with the in-cluster Kubescape operator:\n\n```bash\n# Trigger a configuration scan\nkubescape operator scan configurations\n\n# Trigger a vulnerability scan\nkubescape operator scan vulnerabilities\n```\n\n### Validating Admission Policies\n\nManage Kubernetes Validating Admission Policies:\n\n```bash\n# Deploy the Kubescape CEL admission policy library\nkubescape vap deploy-library | kubectl apply -f -\n\n# Create a policy binding\nkubescape vap create-policy-binding \\\n  --name my-policy-binding \\\n  --policy c-0016 \\\n  --namespace my-namespace | kubectl apply -f -\n```\n\n### MCP Server\n\nStart an MCP (Model Context Protocol) server for AI assistant integration:\n\n```bash\nkubescape mcpserver\n```\n\nThe MCP server exposes Kubescape's vulnerability and configuration scan data to AI assistants, enabling natural language queries about your cluster's security posture.\n\n**Available MCP Tools:**\n- `list_vulnerability_manifests` - Discover vulnerability manifests\n- `list_vulnerabilities_in_manifest` - List CVEs in a manifest\n- `list_vulnerability_matches_for_cve` - Get details for a specific CVE\n- `list_configuration_security_scan_manifests` - List configuration scan results\n- `get_configuration_security_scan_manifest` - Get configuration scan details\n\n---\n\n## 🏗️ Architecture\n\nKubescape can run in two modes:\n\n### CLI Mode\n\nThe CLI is a standalone tool that scans clusters, files, and images on-demand.\n\n\u003Cdiv align=\"center\">\n    \u003Cimg src=\"docs\u002Fimg\u002Fks-cli-arch.png\" width=\"600\" alt=\"CLI Architecture\">\n\u003C\u002Fdiv>\n\n**Key Components:**\n- **[Open Policy Agent (OPA)](https:\u002F\u002Fgithub.com\u002Fopen-policy-agent\u002Fopa)** - Policy evaluation engine\n- **[Regolibrary](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fregolibrary)** - Library of security controls\n- **[Grype](https:\u002F\u002Fgithub.com\u002Fanchore\u002Fgrype)** - Image vulnerability scanning\n- **[Copacetic](https:\u002F\u002Fgithub.com\u002Fproject-copacetic\u002Fcopacetic)** - Image patching\n\n### Operator Mode (In-Cluster)\n\nFor continuous monitoring, deploy the Kubescape operator via Helm.\n\n\u003Cdiv align=\"center\">\n    \u003Cimg src=\"docs\u002Fimg\u002Fks-operator-arch.png\" width=\"600\" alt=\"Operator Architecture\">\n\u003C\u002Fdiv>\n\n**Additional Capabilities:**\n- Continuous configuration scanning\n- Image vulnerability scanning\n- Runtime analysis with eBPF\n- Network policy generation\n\n📖 **[Full Architecture Documentation →](docs\u002Farchitecture.md)**\n\n---\n\n## ☸️ In-Cluster Operator\n\nThe Kubescape operator provides continuous security monitoring in your cluster:\n\n```bash\n# Add the Kubescape Helm repository\nhelm repo add kubescape https:\u002F\u002Fkubescape.github.io\u002Fhelm-charts\u002F\n\n# Install the operator\nhelm upgrade --install kubescape kubescape\u002Fkubescape-operator \\\n  --namespace kubescape \\\n  --create-namespace\n```\n\n**Operator Features:**\n- 🔄 Continuous misconfiguration scanning\n- 🐳 Image vulnerability scanning for all workloads\n- 🔍 Runtime threat detection (eBPF-based)\n- 🌐 Network policy generation\n- 📈 Prometheus metrics integration\n\n📖 **[Operator Installation Guide →](https:\u002F\u002Fkubescape.io\u002Fdocs\u002Foperator\u002F)**\n\n---\n\n## 🔌 Integrations\n\n### CI\u002FCD\n\n| Platform | Integration |\n|----------|-------------|\n| **GitHub Actions** | [kubescape\u002Fgithub-action](https:\u002F\u002Fgithub.com\u002Fmarketplace\u002Factions\u002Fkubescape) |\n| **GitLab CI** | [Documentation](https:\u002F\u002Fkubescape.io\u002Fdocs\u002Fintegrations\u002Fgitlab\u002F) |\n| **Jenkins** | [Documentation](https:\u002F\u002Fkubescape.io\u002Fdocs\u002Fintegrations\u002Fjenkins\u002F) |\n\n### IDE Extensions\n\n| IDE | Extension |\n|-----|-----------|\n| **VS Code** | [Kubescape Extension](https:\u002F\u002Fmarketplace.visualstudio.com\u002Fitems?itemName=kubescape.kubescape) |\n| **Lens** | [Kubescape Lens Extension](https:\u002F\u002Fgithub.com\u002Farmosec\u002Flens-kubescape) |\n\n### Where You Can Use Kubescape\n\n\u003Cdiv align=\"center\">\n    \u003Cimg src=\"docs\u002Fimg\u002Fksfromcodetodeploy.png\" alt=\"Kubescape integration points: IDE, CI, CD, Runtime\">\n\u003C\u002Fdiv>\n\n---\n\n## 👥 Community\n\nKubescape is a CNCF incubating project with an active community.\n\n### Get Involved\n\n- 💬 **[Slack - Users Channel](https:\u002F\u002Fcloud-native.slack.com\u002Farchives\u002FC04EY3ZF9GE)** - Ask questions, get help\n- 💬 **[Slack - Developers Channel](https:\u002F\u002Fcloud-native.slack.com\u002Farchives\u002FC04GY6H082K)** - Contribute to development\n- 🐛 **[GitHub Issues](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fkubescape\u002Fissues)** - Report bugs and request features\n- 📋 **[Project Board](https:\u002F\u002Fgithub.com\u002Forgs\u002Fkubescape\u002Fprojects\u002F4)** - See what we're working on\n- 🗺️ **[Roadmap](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fproject-governance\u002Fblob\u002Fmain\u002FROADMAP.md)** - Future plans\n\n### Contributing\n\nWe welcome contributions! Please see our:\n- **[Contributing Guide](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fproject-governance\u002Fblob\u002Fmain\u002FCONTRIBUTING.md)**\n- **[Code of Conduct](https:\u002F\u002Fgithub.com\u002Fcncf\u002Ffoundation\u002Fblob\u002Fmaster\u002Fcode-of-conduct.md)**\n\n### Community Resources\n\n- **[Community Info](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fproject-governance\u002Fblob\u002Fmain\u002FCOMMUNITY.md)**\n- **[Governance](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fproject-governance\u002Fblob\u002Fmain\u002FGOVERNANCE.md)**\n- **[Security Policy](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fproject-governance\u002Fblob\u002Fmain\u002FSECURITY.md)**\n- **[Maintainers](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fproject-governance\u002Fblob\u002Fmain\u002FMAINTAINERS.md)**\n\n### Contributors\n\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fkubescape\u002Fgraphs\u002Fcontributors\">\n  \u003Cimg src=\"https:\u002F\u002Fcontrib.rocks\u002Fimage?repo=kubescape\u002Fkubescape\"\u002F>\n\u003C\u002Fa>\n\n---\n\n## Changelog\n\nKubescape changes are tracked on the [releases page](https:\u002F\u002Fgithub.com\u002Fkubescape\u002Fkubescape\u002Freleases).\n\n---\n\n## License\n\nCopyright 2021-2025, the Kubescape Authors. All rights reserved.\n\nKubescape is released under the [Apache 2.0 license](LICENSE).\n\nKubescape is a [Cloud Native Computing Foundation (CNCF) incubating project](https:\u002F\u002Fwww.cncf.io\u002Fprojects\u002Fkubescape\u002F) and was contributed by [ARMO](https:\u002F\u002Fwww.armosec.io\u002F?utm_source=github&utm_medium=repository).\n\n\u003Cdiv align=\"center\">\n    \u003Cimg src=\"https:\u002F\u002Fraw.githubusercontent.com\u002Fcncf\u002Fartwork\u002Frefs\u002Fheads\u002Fmain\u002Fother\u002Fcncf-member\u002Fincubating\u002Fcolor\u002Fcncf-incubating-color.svg\" width=\"300\" alt=\"CNCF Incubating Project\">\n\u003C\u002Fdiv>","Kubescape 是一个开源的 Kubernetes 安全平台，适用于 IDE、CI\u002FCD 流水线和集群。它提供了风险分析、安全合规性和配置错误扫描等功能，帮助 Kubernetes 用户和管理员节省宝贵的时间、精力和资源。该项目使用 Go 语言编写，具备强大的安全检测能力，支持多种安全标准和最佳实践，并能够集成到开发和运维流程中。Kubescape 适合在需要加强 Kubernetes 环境安全性、符合行业规范以及持续监控和管理容器化应用安全性的场景下使用。",2,"2026-06-11 03:02:01","top_language"]