Monrava / bsidesnyc2023
This repository contains the code used during my demo at BSidesNYC 2023 where I presented a new method for analysing volatile memory in Google Kubernetes Engine (GKE).
☆1Updated 5 months ago
Alternatives and similar repositories for bsidesnyc2023:
Users that are interested in bsidesnyc2023 are comparing it to the libraries listed below
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆23Updated last week
- K8s Network Policy Migrator is a tool to migrate Calico or Cilium custom network policies to Kubernetes native network policy. The tool o…☆30Updated last year
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- Kubernetes audit logging, when you don't control the control plane☆71Updated this week
- ☆74Updated 3 months ago
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- ☆20Updated 10 months ago
- sigstore the hard way!☆110Updated 10 months ago
- Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification☆65Updated 2 months ago
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆124Updated 3 years ago
- ☆19Updated 6 months ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- etcd-k8s-extract takes in an etcd data directory or db file used in kubernetes, extracts the kubernetes resources and then writes the res…☆37Updated 2 months ago
- ☆41Updated 2 years ago
- sigstore installation walkthrough, local☆57Updated 10 months ago
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆57Updated this week
- An SBOM query language and associated utilities☆54Updated last year
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆80Updated last week
- Demos and resources of the Istio + Gatekeeper talks at IstioCon 2022 and GitOpsCon 2022☆14Updated last year
- Scans SBOMs for vulnerabilities with Grype☆79Updated this week
- Detect intrusions that happened in your Kubernetes cluster through audit logs using Falco☆63Updated 3 years ago
- This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)☆62Updated 3 years ago
- ☆18Updated this week
- This is a POC repository showing how a Kubernetes Admission Controller can be made irrelevant when verifying container image signatures☆12Updated 2 years ago
- Slack alert bot for matching Github Audit Events☆10Updated 4 months ago
- This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls…☆52Updated last week
- Sets up Open Policy Agent CLI in your GitHub Actions workflow.☆48Updated 11 months ago
- A Go program to display certificate chains simply and quickly with an easy to remember syntax☆27Updated 4 months ago
- EKS NG AMI Updater is an open source project that can be used to update kubernetes node group images.☆27Updated this week
- Github Action to automatically update digests for container images.☆54Updated last week