# Cluster

- [OPA / Gatekeeper (under cstrc)](/cncf/cloud-native/security/cluster/opa-gatekeeper-under-cstrc.md)
- [Audit Policy](/cncf/cloud-native/security/cluster/audit-policy.md): Audit policy defines rules about what events should be recorded and what data they should include. The audit policy object structure is defined in the audit.k8s.io API group. When an event is processe
- [kube-bench](/cncf/cloud-native/security/cluster/kube-bench.md): Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark