controlplaneio / threat-modelling-zero-trust-talk

Related projects: ⓘ

• chainguard-dev / github-audit-alerter
  Slack alert bot for matching Github Audit Events
  ☆10Updated 3 weeks ago
• appvia / cosign-keyless-admission-webhook
  Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
  ☆22Updated this week
• raesene / teisteanas
  ☆20Updated 4 months ago
• awslabs / k8s-network-policy-migrator
  K8s Network Policy Migrator is a tool to migrate Calico or Cilium custom network policies to Kubernetes native network policy. The tool o…
  ☆30Updated last year
• chrisns / cosign-keyless-demo
  Proof of concept that uses cosign and GitHub's in built OIDC for actions to sign container images, providing a proof that what is in the …
  ☆14Updated last year
• RichardoC / kube-audit-rest
  Kubernetes audit logging, when you don't control the control plane
  ☆64Updated this week
• slashben / beat-ac-cosign-verifier
  This is a POC repository showing how a Kubernetes Admission Controller can be made irrelevant when verifying container image signatures
  ☆11Updated last year
• cloudtruth / kubetruth
  The CloudTruth integration for kubernetes that pushes parameter updates into kubernetes config maps and secrets
  ☆10Updated 7 months ago
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated last year
• shaneboulden / kacti
  ☆19Updated this week
• cloudogu / k8s-security-demos
  Demos for several kubernetes security features
  ☆62Updated 3 years ago
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆20Updated last year
• chen-keinan / kube-beacon
  Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification
  ☆64Updated last month
• elastic / csp-security-policies
  Cloud Security Posture security policies
  ☆29Updated last week
• tenchi-security / camp
  CloudSplaining on AWS Managed Policies
  ☆41Updated this week
• mchmarny / s3cme
  Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…
  ☆50Updated 4 months ago
• darkbitio / tools
  Darkbit Cloud Security Tools
  ☆25Updated 3 years ago
• latacora / remediate-AWS-IMDSv1
  Simple tool to identify and remediate the use of the AWS EC2 IMDSv1.
  ☆16Updated 3 years ago
• praetorian-inc / snowcat
  a tool to audit the istio service mesh
  ☆173Updated 2 years ago
• rode / rode-legacy
  cloud native software supply chain ☁️🔗
  ☆64Updated 3 years ago
• geerlingguy / k8s-pod-rbac-breakout
  Kubernetes Pod RBAC Breakout
  ☆36Updated last year
• imjasonh / rbac-audit
  Generate K8s RBAC policies based on e2e test runs
  ☆28Updated 3 years ago
• chrisns / k8s-opa-boilerplate
  Boilerplate example of managing OPA with kustomize
  ☆18Updated this week
• chainguard-dev / maxcve
  ☆17Updated 5 months ago
• sqlxpert / lights-off-aws
  Tag instances & databases with cron-style stop/start schedules to cut AWS costs. Also schedule EBS, EC2 & RDS backups, plus CloudFormatio…
  ☆35Updated last year
• pseudo-dynamic / terraform-provider-value
  Value Provider for Terraform
  ☆15Updated last year
• puerco / bomshell
  An query language and interactive tooling to work with SBOM data.
  ☆12Updated last week
• aidansteele / ima.ge.cx
  ☆31Updated last year
• aquasecurity / vscode-tfsec
  vscode extension for tfsec
  ☆30Updated last year
• antitree / krew-net-forward
  Variety of kubectl krew tools usually security focused
  ☆32Updated 6 months ago