accuknox / k8sthreatmodeling
Threat Modeling (based on STRIDE approach) for Kubernetes systems.
☆20Updated 5 months ago
Related projects: ⓘ
- ☆19Updated 5 months ago
- K8s API Honeypot with Active Defense Capabilities☆35Updated 8 months ago
- Kubernetes audit logging, when you don't control the control plane☆64Updated this week
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆29Updated 5 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆56Updated 6 months ago
- ☆163Updated 2 months ago
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities☆100Updated 3 weeks ago
- kubernetes-for-soc aims to fast-track the learning curve for SOC analysts by enabling them to swiftly grasp the essential concepts and kn…☆50Updated 9 months ago
- Security Alert Decoration☆25Updated 4 months ago
- Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification☆64Updated last month
- a tool to audit the istio service mesh☆173Updated 2 years ago
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆78Updated 7 months ago
- Capture The Flag Challenge for eBPF Summit 2022☆18Updated last year
- ☆24Updated 4 months ago
- Vulnerable Kustomize Kubernetes templates for training and education☆47Updated 2 years ago
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆65Updated last year
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆64Updated 9 months ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆37Updated 11 months ago
- ☆20Updated 4 months ago
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- Intent driven security automation framework☆23Updated this week
- ☆12Updated last year
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes☆62Updated 2 months ago
- Community curated list of System and Network policy templates for the KubeArmor and Cilium☆34Updated last month
- ☆15Updated 2 months ago
- Reference Implementation of a so-called Honeycluster - for kind (and GKE, RKE2, AKS)☆18Updated this week
- Falco plugins registry☆82Updated this week
- Evolution process of The Falco Project☆48Updated this week
- Cloud Security Posture security policies☆29Updated last week
- Runtime detection and response for malicious events in Kubernetes workloads☆38Updated 6 months ago