cncf / tag-security
πCNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
β2,151Updated this week
Alternatives and similar repositories for tag-security:
Users that are interested in tag-security are comparing it to the libraries listed below
- A tool to scan Kubernetes cluster for risky permissionsβ1,364Updated 3 months ago
- Supply-chain Levels for Software Artifactsβ1,626Updated this week
- OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructureβ1,388Updated this week
- Superseded by https://github.com/aquasecurity/trivy-operatorβ1,364Updated 2 weeks ago
- Hunt for security weaknesses in Kubernetes clustersβ4,827Updated last year
- Security risk analysis for Kubernetes resourcesβ1,295Updated this week
- A curated list for Awesome Kubernetes Security resourcesβ1,942Updated last year
- Kubernetes Security Training Platform - focusing on security mitigationβ943Updated 6 months ago
- A service that analyzes docker images and scans for vulnerabilitiesβ1,588Updated 2 years ago
- GUAC aggregates software security metadata into a high fidelity graph database.β1,338Updated this week
- Code signing and transparency for containers and binariesβ4,791Updated this week
- Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmarkβ7,311Updated this week
- in-toto is a framework to protect supply chain integrity.β905Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystemsβ6,725Updated this week
- Linux Runtime Security and Forensics using eBPFβ3,807Updated this week
- OpenSSF Scorecard - Security health metrics for Open Sourceβ4,823Updated this week
- Peirates - Kubernetes Penetration Testing toolβ1,290Updated last week
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on pβ¦β4,668Updated last month
- Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. β¦β2,036Updated 9 months ago
- A Blazing fast Security Auditing tool for Kubernetesβ996Updated 11 months ago
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructβ¦β2,252Updated this week
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.β907Updated last month
- OWASP Foundation Web Respositoryβ581Updated last year
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmβ¦β741Updated 3 months ago
- Checklist for container security - devsecops practicesβ1,551Updated last year
- KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhβ¦β3,113Updated this week
- Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized enβ¦β1,157Updated last month
- π°πΈβοΈ For those interested in running Kubernetes in highly regulated environments, particularly financial servicesβ304Updated 2 years ago
- A curated list of awesome Kubernetes security resourcesβ915Updated last year
- Deploy-time Policy Enforcer for Kubernetes applicationsβ703Updated last month