Kubernetes Best Practices Made Easy
Simplify Kubernetes Operations: Effortlessly identify misconfigurations and vulnerabilities in your environments.
View on GitHubWhat is Zora OSS?
Zora is an open source solution that helps you achieve compliance with Kubernetes best practices recommended by industry-leading frameworks.
By scanning your cluster with multiple plugins, Zora identifies potential issues, misconfigurations, and vulnerabilities.
Multi-plugin architecture
Zora seamlessly integrates open source tools like Popeye, Marvin, and Trivy into its multi-plugin architecture as scanners. These tools' capabilities are combined to provide you with a unified view of your cluster's security posture, addressing potential issues, misconfigurations, and vulnerabilities.
Kubernetes-native
All scan configurations and plugin reports, including misconfigurations and vulnerabilities, are securely stored as CRDs (Custom Resource Definitions) within your Kubernetes cluster, making it easily accessible through the Kubernetes API and kubectl command.
Kubernetes compliance
Zora and its plugins provide actionable insights, guiding you to align your cluster with industry-recognized frameworks such as NSA-CISA, MITRE ATT&CK, CIS Benchmark, and Pod Security Standards.
Custom checks
Enabled by the Marvin plugin, Zora offers a declarative way to create your own checks by using CEL expressions to define the validation rules.
Are you interested?
Get started using Zora now to enjoy its features and also join our community and collaborate with us.
