5GSEC / nimbusLinks
Intent driven security automation framework
☆25Updated last month
Alternatives and similar repositories for nimbus
Users that are interested in nimbus are comparing it to the libraries listed below
Sorting:
- Discover least permissive security posture, Network Microsegmentation, and Application behaviour based on visibility/observability data e…☆33Updated last week
- Community curated list of System and Network policy templates for the KubeArmor and Cilium☆44Updated 2 months ago
- KubeArmor cli tool aka kArmor☆43Updated this week
- This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls…☆55Updated 3 weeks ago
- Find your favorite eBee☆68Updated last month
- Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - for kind (and GKE, RKE2, AKS)☆44Updated last week
- A place for policy work group related proposals and prototypes.☆67Updated last week
- Tutorials about Cilium and SPIRE integration☆29Updated 3 years ago
- A flexible and scalable platform for running Kubernetes control plane APIs.☆63Updated last week
- Administrative tooling for Falco☆105Updated this week
- Runtime detection and response for malicious events in Kubernetes workloads☆45Updated last year
- A tool for in-depth analysis of container checkpoints☆116Updated 3 weeks ago
- sigstore the hard way!☆111Updated last year
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆62Updated last week
- Runtime security plug to protect user containers☆65Updated 3 weeks ago
- A replacement for "kubectl exec" that works over WebSocket connections.☆38Updated last year
- Kubernetes audit logging, when you don't control the control plane☆79Updated 2 weeks ago
- Kubernetes Operator for Falco☆11Updated this week
- sigstore installation walkthrough, local☆59Updated last year
- Scans SBOMs for vulnerabilities with Grype☆82Updated last week
- Curated list of SPIFFE and SPIRE resources☆55Updated 2 years ago
- ☆15Updated last month
- Alternate reports storage in Kubernetes outside etcd☆33Updated 2 months ago
- agent for handling seccomp descriptors for container runtimes☆46Updated last year
- ☆20Updated 10 months ago
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆97Updated last week
- This is a POC repository showing how a Kubernetes Admission Controller can be made irrelevant when verifying container image signatures☆12Updated 2 years ago
- Kubernetes operator for bpfman☆24Updated this week
- HTTP/3-enable existing HTTP apps. Leverage HTTP3 native features and auto-enable workload identity (SPIFFE), AuthN (mTLS/x509, OIDC/Auth0…☆74Updated last year
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year