FotisLouk / docker-sec

Related projects: ⓘ

• shamedgh / confine
  This tool set can generate SECCOMP profiles for Docker images. It mainly relies on static analysis, making its results more reliable than…
  ☆62Updated 2 years ago
• 2m4t / LiCShield
  ☆11Updated 8 years ago
• willfindlay / bpfcontain-rs
  BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.
  ☆55Updated 2 years ago
• willfindlay / ebpH
  ebpH (Extended BPF Process Homeostasis) monitors process behavior on your system to establish normal behavioral patterns. ebpH reports an…
  ☆40Updated last year
• confidential-containers / td-shim
  Confidential Containers Shim Firmware
  ☆91Updated this week
• confidential-containers / enclave-cc
  Process-based Confidential Container Runtime
  ☆74Updated this week
• CamFlow / camflow-dev
  Generates kernel patch for CamFlow Linux Provenance Capture.
  ☆27Updated 7 months ago
• gramineproject / gramine-tdx
  A library OS for Linux multi-process applications, with Intel TDX support (experimental)
  ☆15Updated last month
• intel-staging / qemu-tdx
  ☆33Updated last week
• willfindlay / bpfbox
  🐝 BPFBox 📦 Exploring process confinement in eBPF
  ☆98Updated 8 months ago
• linux-lock / bpflock
  bpflock - eBPF driven security for locking and auditing Linux machines
  ☆136Updated 2 years ago
• falcosecurity / libs
  libsinsp, libscap, the kernel module driver, and the eBPF driver sources
  ☆224Updated this week
• lsds / sgx-lkl-musl
  Modified musl libc for SGX-LKL
  ☆13Updated 3 years ago
• AliyunContainerService / sgx-device-plugin
  Kubernetes Device Plugin for Intel SGX
  ☆67Updated last year
• intel / MigTD
  ☆20Updated last week
• yunwei37 / Eunomia
  A lightweight eBPF-based Monitor tool：run ebpf as a service!
  ☆57Updated 2 years ago
• ratel-enclave / ratel
  Ratel - a new framework for instruction-level interposition on enclaved applications
  ☆21Updated last year
• Asbatel / ContainerHIDS
  Contextualizing System Calls in Containers for Anomaly-Based Intrusion Detection - CCSW'22
  ☆19Updated last year
• intel / vtpm-td
  ☆34Updated this week
• confidential-containers / documentation
  Documentation for the confidential containers project
  ☆73Updated last year
• inclavare-containers / rats-tls
  RATS architecture based TLS using librats
  ☆28Updated 5 months ago
• amrabed / strace-docker
  Trace system calls from Docker containers running on the system
  ☆31Updated last year
• confidential-containers / confidential-containers
  Confidential Containers Community
  ☆176Updated this week
• asterinas / jinzhao-disk
  Jinzhao Disk (JinDisk) is a log-structured secure block device for TEEs. This repo is JinDisk's Linux version.
  ☆37Updated last year
• StanPlatinum / Deflection
  Derived from CAT-SGX and elf-respect: Practical and Efficient in-Enclave Verification of Privacy Compliance
  ☆41Updated 2 years ago
• AMDESE / sev-tool
  AMD SEV Tool
  ☆79Updated last year
• virtee / sevctl
  Administrative utility for AMD SEV
  ☆41Updated last week
• ashish-gehani / SPADE
  SPADE: Support for Provenance Auditing in Distributed Environments
  ☆166Updated 2 weeks ago
• mrtc0 / bouheki
  bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.
  ☆82Updated last year
• QuarkContainer / Quark
  A secure container runtime with CRI/OCI interface
  ☆317Updated this week