Monrava / bsidesnyc2023
This repository contains the code used during my demo at BSidesNYC 2023 where I presented a new method for analysing volatile memory in Google Kubernetes Engine (GKE).
☆1Updated 10 months ago
Related projects: ⓘ
- K8s Network Policy Migrator is a tool to migrate Calico or Cilium custom network policies to Kubernetes native network policy. The tool o…☆30Updated last year
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆78Updated 2 weeks ago
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated 11 months ago
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated 10 months ago
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆55Updated this week
- ☆19Updated this week
- Kubernetes audit logging, when you don't control the control plane☆64Updated this week
- This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls…☆44Updated 4 months ago
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆22Updated this week
- Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification☆64Updated last month
- ☆20Updated 4 months ago
- Enterprise Distribution for Flux CD☆59Updated this week
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆124Updated 2 years ago
- Open source IaC security scanner for public Helm charts☆87Updated 2 years ago
- ☆31Updated last year
- Private Terraform Registry Manager☆41Updated 3 months ago
- Sets up Open Policy Agent CLI in your GitHub Actions workflow.☆45Updated 5 months ago
- A pane of glass between you and your Kubernetes clusters.☆44Updated 8 months ago
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆123Updated this week
- EKS NG AMI Updater is an open source project that can be used to update kubernetes node group images.☆25Updated last week
- Scans SBOMs for vulnerabilities with Grype☆79Updated this week
- sigstore the hard way!☆110Updated 4 months ago
- Github Action to automatically update digests for container images.☆43Updated this week
- A Go program to display certificate chains simply and quickly with an easy to remember syntax☆26Updated 4 months ago
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).☆58Updated this week
- Kubernetes Admission Controller for Image Scanning using OPA☆50Updated last year
- Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-u…☆62Updated this week
- OPA Terraform Demo☆28Updated last year
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆50Updated 4 months ago