accuknox / discovery-engine
Discover least permissive security posture, Network Microsegmentation, and Application behaviour based on visibility/observability data emitted from policy engines..
☆30Updated 11 months ago
Related projects: ⓘ
- Community curated list of System and Network policy templates for the KubeArmor and Cilium☆34Updated last month
- Intent driven security automation framework☆23Updated this week
- KubeArmor cli tool aka kArmor☆34Updated this week
- Runtime detection and response for malicious events in Kubernetes workloads☆38Updated 6 months ago
- Tutorials about Cilium and SPIRE integration☆27Updated 2 years ago
- A tool for in-depth analysis of container checkpoints☆95Updated last month
- Falco plugins registry☆82Updated this week
- A replacement for "kubectl exec" that works over WebSocket connections.☆27Updated 5 months ago
- This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls…☆44Updated 4 months ago
- Find your favorite eBee☆51Updated 8 months ago
- Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-u…☆62Updated this week
- Scans SBOMs for vulnerabilities with Grype☆79Updated last week
- Generate a variety of suspect actions that are detected by Falco rulesets☆87Updated 3 weeks ago
- A tool based on eBPF, prometheus and grafana to monitor network connectivity.☆35Updated 2 years ago
- Generate an application profile containing metrics/properties for Kubernetes workloads based on runtime behavior.☆14Updated 6 months ago
- agent for handling seccomp descriptors for container runtimes☆41Updated 7 months ago
- Ingress node firewall implements Kubernetes operator to provision stateless ingress node level firewall rules, stateless ingress node fir…☆43Updated last week
- Administrative tooling for Falco☆88Updated this week
- A place for policy work group related proposals and prototypes.☆64Updated 2 months ago
- Kit for building Falco drivers: kernel modules or eBPF probes☆64Updated last week
- This repository contains various code snippets and learnings around eBPF☆81Updated 3 months ago
- A Kubernetes CSI plugin to automatically mount SPIFFE certificates to Pods using ephemeral volumes☆69Updated this week
- sigstore the hard way!☆110Updated 4 months ago
- Falco Talon is a Response Engine for managing threats in your Kubernetes☆101Updated this week
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆123Updated last week
- AI-generated remediations for Falco audit events☆69Updated last year
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆78Updated 2 weeks ago
- k8tls (pronounced cattles), to assess server port security by detecting its TLS and certificates configuration.☆19Updated last month
- 🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their sig…☆75Updated 5 months ago
- ☆34Updated last year