5GSEC / nimbus
Intent driven security automation framework
☆25Updated last month
Alternatives and similar repositories for nimbus:
Users that are interested in nimbus are comparing it to the libraries listed below
- Discover least permissive security posture, Network Microsegmentation, and Application behaviour based on visibility/observability data e…☆32Updated 3 weeks ago
- Community curated list of System and Network policy templates for the KubeArmor and Cilium☆44Updated last month
- KubeArmor cli tool aka kArmor☆42Updated this week
- This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls…☆55Updated this week
- A place for policy work group related proposals and prototypes.☆67Updated 3 months ago
- Runtime detection and response for malicious events in Kubernetes workloads☆44Updated last year
- sigstore the hard way!☆111Updated last year
- Tutorials about Cilium and SPIRE integration☆27Updated 3 years ago
- Administrative tooling for Falco☆102Updated last week
- ☆25Updated last year
- Generate a variety of suspect actions that are detected by Falco rulesets☆105Updated last month
- sigstore installation walkthrough, local☆58Updated last year
- agent for handling seccomp descriptors for container runtimes☆46Updated last year
- AI-generated remediations for Falco audit events☆71Updated last year
- HTTP/3-enable existing HTTP apps. Leverage HTTP3 native features and auto-enable workload identity (SPIFFE), AuthN (mTLS/x509, OIDC/Auth0…☆74Updated last year
- k8tls (pronounced cattles), to assess server port security by detecting its TLS and certificates configuration.☆19Updated 4 months ago
- Tornjak is a UI and management layer used for brokering human access to one or more SPIRE deployments☆81Updated last week
- Curated list of SPIFFE and SPIRE resources☆55Updated 2 years ago
- Find your favorite eBee☆67Updated last month
- Sneefer is a PoC project showing how to filter out irrelevent vulnerabilities from container image vulnerability scan results. It is base…☆26Updated last year
- eBPF Map Prometheus Exporter☆21Updated 3 months ago
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆91Updated this week
- A tool for in-depth analysis of container checkpoints☆115Updated last week
- Goby CLI eBPF Project Generator☆31Updated 3 months ago
- Scans SBOMs for vulnerabilities with Grype☆80Updated last week
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- The Civo Implementation of an OpenCP provider☆26Updated 2 years ago
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆62Updated last week
- A Kubernetes CSI plugin to automatically mount SPIFFE certificates to Pods using ephemeral volumes☆79Updated this week
- ☆20Updated 9 months ago