criticalstack / swollLinks
an experimental suite of applications and APIs for monitoring kernel-level activity on a live Kubernetes cluster
☆69Updated 3 years ago
Alternatives and similar repositories for swoll
Users that are interested in swoll are comparing it to the libraries listed below
Sorting:
- [EXPERIMENTAL] Extend osquery to report on Kubernetes☆228Updated 4 years ago
- Administrative tooling for Falco☆110Updated this week
- Manage AppAmormor profiles for Kubernetes cluster☆42Updated last year
- Cloud Native Security Hub - Security Resources☆54Updated 5 years ago
- Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-u…☆67Updated this week
- A kubectl plugin which triggers a Sysdig capture☆100Updated 2 years ago
- ☆37Updated 4 years ago
- ptrace-based event producer for udig☆67Updated 3 years ago
- A tool for bootstrapping Kubernetes☆68Updated 3 years ago
- MagTape Policy-as-Code for Kubernetes☆149Updated last year
- Kubernetes Pod Security Standards implementation - https://github.com/kubernetes/enhancements/blob/master/keps/sig-auth/2579-psp-replacem…☆101Updated this week
- Kit for building Falco drivers: kernel modules or eBPF probes☆66Updated this week
- ☆35Updated 3 years ago
- 🎟 Voucher creates attestations for Binary Authorization☆74Updated last month
- A Kubernetes dynamic admission controller that uses WebAssembly policies to validate incoming requests☆25Updated 4 years ago
- This tool allows using a SPIFFE JWT to authenticate to AWS APIs☆34Updated last month
- ☆105Updated 4 months ago
- Security risk analysis for Kubernetes resources☆75Updated 7 months ago
- ⭕️Snooping on the Kubernetes OpenAPI communications☆96Updated this week
- Service implementation for a Kubernetes Dynamic Webhook controller for interacting with Anchore☆65Updated this week
- Webhook server that evaluates WebAssembly policies to validate Kubernetes requests☆149Updated this week
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆65Updated this week
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆124Updated 3 years ago
- agent for handling seccomp descriptors for container runtimes☆47Updated last year
- A data access control framework for Open Policy Agent☆37Updated last year
- 🔍 Rekor transparency log monitoring and alerting☆27Updated last year
- Prometheus Metrics Exporter for Falco output events☆121Updated 4 months ago
- This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)☆63Updated 4 years ago
- A Kubernetes CSI plugin to automatically mount SPIFFE certificates to Pods using ephemeral volumes☆82Updated this week
- Diagrams to visually learn Falco and its eBPF probe☆14Updated 4 years ago