init commit

Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.21.3 AS build
+FROM golang:1.21.1 AS build
 WORKDIR /go/src/github.com/khulnasoft-lab/kube-bench/
 COPY makefile makefile
 COPY go.mod go.sum ./

Dockerfile.fips.ubi

@@ -1,4 +1,4 @@
-FROM golang:1.21.3 AS build
+FROM golang:1.21.1 AS build
 WORKDIR /go/src/github.com/khulnasoft-lab/kube-bench/
 COPY makefile makefile
 COPY go.mod go.sum ./

Dockerfile.ubi

@@ -1,4 +1,4 @@
-FROM golang:1.21.3 AS build
+FROM golang:1.21.1 AS build
 WORKDIR /go/src/github.com/khulnasoft-lab/kube-bench/
 COPY makefile makefile
 COPY go.mod go.sum ./

OWNERS

@@ -1,4 +1,3 @@
 approvers:
  - sulaiman-coder
  - gitworkflows
- - nxpkg

README.md

@@ -1,4 +1,3 @@
-[![GitHub Release][release-img]][release]
 [![Downloads][download]][release]
 [![Docker Pulls][docker-pull]][docker]
 [![Go Report Card][report-card-img]][report-card]
@@ -16,20 +15,14 @@
 [report-card-img]: https://goreportcard.com/badge/github.com/khulnasoft-lab/kube-bench
 [report-card]: https://goreportcard.com/report/github.com/khulnasoft-lab/kube-bench
 
-<img src="docs/images/kube-bench.png" width="200" alt="kube-bench logo">
 
 kube-bench is a tool that checks whether Kubernetes is deployed securely by running the checks documented in the [CIS Kubernetes Benchmark](https://www.cisecurity.org/benchmark/kubernetes/).
 
 Tests are configured with YAML files, making this tool easy to update as test specifications evolve.
 
 ![Kubernetes Bench for Security](/docs/images/output.png "Kubernetes Bench for Security")
 
-## CIS Scanning as part of Vul and the Vul Operator
-
-[Vul](https://github.com/khulnasoft-lab/vul), the all in one cloud native security scanner, can be deployed as a [Kubernetes Operator](https://github.com/khulnasoft-lab/vul-operator) inside a cluster.
-Both, the [Vul CLI](https://github.com/khulnasoft-lab/vul), and the [Vul Operator](https://github.com/khulnasoft-lab/vul-operator) support CIS Kubernetes Benchmark scanning among several other features.
-
-## Quick start
+### Quick start
 
 There are multiple ways to run kube-bench.
 You can run kube-bench inside a pod, but it will need access to the host's PID namespace in order to check the running processes, as well as access to some directories on the host where config files and other files are stored.

check/check.go

@@ -310,4 +310,4 @@ func runAudit(audit string) (output string, err error) {
  glog.V(3).Infof("Output:\n %q", output)
  }
  return output, err
-}
+}

check/controls.go

@@ -33,7 +33,7 @@ const (
  // UNKNOWN is when the AWS account can't be found
  UNKNOWN = "Unknown"
  // ARN for the AWS Security Hub service
- ARN = "arn:aws:securityhub:%s::product/aqua-security/kube-bench"
+ ARN = "arn:aws:securityhub:%s::product/khulnasoft-security/kube-bench"
  // SCHEMA for the AWS Security Hub service
  SCHEMA = "2018-10-08"
  // TYPE is type of Security Hub finding
@@ -237,7 +237,7 @@ func (controls *Controls) ASFF() ([]types.AwsSecurityFinding, error) {
  actualValue = check.ActualValue[0:1023]
  }
 
- // Fix issue https://github.com/aquasecurity/kube-bench/issues/903
+ // Fix issue https://github.com/khulnasoft-lab/kube-bench/issues/903
  if len(check.Remediation) > 512 {
  remediation = check.Remediation[0:511]
  }
@@ -327,4 +327,4 @@ func summarizeGroup(group *Group, state State) {
  default:
  glog.Warningf("Unrecognized state %s", state)
  }
-}
+}