cncf / tag-security
πCNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
β2,088Updated last week
Related projects β
Alternatives and complementary repositories for tag-security
- Hunt for security weaknesses in Kubernetes clustersβ4,764Updated 8 months ago
- Security risk analysis for Kubernetes resourcesβ1,240Updated this week
- OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructureβ1,350Updated this week
- A tool to scan Kubernetes cluster for risky permissionsβ1,323Updated last week
- Kubernetes Security Training Platform - focusing on security mitigationβ932Updated 2 months ago
- Moved to https://github.com/aquasecurity/trivy-operatorβ1,354Updated 2 weeks ago
- A service that analyzes docker images and scans for vulnerabilitiesβ1,587Updated last year
- in-toto is a framework to protect supply chain integrity.β882Updated this week
- Supply-chain Levels for Software Artifactsβ1,555Updated this week
- A curated list of awesome Kubernetes security resourcesβ905Updated 11 months ago
- Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. β¦β1,997Updated 4 months ago
- A curated list for Awesome Kubernetes Security resourcesβ1,915Updated last year
- Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmarkβ7,076Updated this week
- Linux Runtime Security and Forensics using eBPFβ3,626Updated last week
- OWASP Foundation Web Respositoryβ566Updated 9 months ago
- GUAC aggregates software security metadata into a high fidelity graph database.β1,290Updated this week
- Peirates - Kubernetes Penetration Testing toolβ1,243Updated last month
- A Blazing fast Security Auditing tool for Kubernetesβ991Updated 7 months ago
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructβ¦β2,095Updated this week
- Cloud Native Runtime Securityβ7,404Updated this week
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.β848Updated 4 months ago
- Code signing and transparency for containers and binariesβ4,516Updated this week
- Write tests against structured configuration data using the Open Policy Agent Rego query languageβ2,877Updated last week
- eBPF-based Security Observability and Runtime Enforcementβ3,655Updated this week
- π°πΈβοΈ For those interested in running Kubernetes in highly regulated environments, particularly financial servicesβ302Updated 2 years ago
- Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized enβ¦β1,123Updated 4 months ago
- Deploy-time Policy Enforcer for Kubernetes applicationsβ699Updated 7 months ago
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmβ¦β728Updated 4 months ago
- Checklist for container security - devsecops practicesβ1,525Updated last year