dynatrace-oss / koney
Koney is a Kubernetes operator that enables you to define so-called deception policies for your cluster. Koney automates the setup, rotation, and teardown of honeytokens and fake API endpoints, and uses eBPF to detect, log, and forward alerts when your traps have been accessed.
☆19Updated 2 weeks ago
Alternatives and similar repositories for koney:
Users that are interested in koney are comparing it to the libraries listed below
- Response Engine for managing threats in your Kubernetes☆154Updated last week
- Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads.☆433Updated last month
- KBOM - Kubernetes Bill of Materials☆313Updated 3 weeks ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated last year
- BadRobot - Operator Security Audit Tool☆219Updated this week
- Process documentation, non-code deliverables, and miscellaneous artifacts of Kubernetes SIG Security☆202Updated 2 weeks ago
- Create Kubernetes AdmissionReview requests from Kubernetes resource manifests☆146Updated 2 weeks ago
- Generate a variety of suspect actions that are detected by Falco rulesets☆103Updated 3 weeks ago
- Catalogue all images of a Kubernetes cluster to multiple targets with Syft☆199Updated this week
- Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - for kind (and GKE, RKE2, AKS)☆36Updated this week
- Runtime detection and response for malicious events in Kubernetes workloads☆43Updated last year
- A kubectl plugin to visualize network policies rules.☆96Updated last year
- Falco plugins registry☆92Updated last week
- Kubernetes audit logging, when you don't control the control plane☆73Updated last week
- trust-manager is an operator for distributing trust bundles across a Kubernetes cluster.☆306Updated this week
- This is home of Das Schiff - Deutsche Telekom Technik's engine for Kubernetes Cluster as a Service (CaaS) in on-premise environment on to…☆360Updated 3 months ago
- Connect Falco to your ecosystem☆584Updated this week
- A simple WebUI with latest events from Falco☆119Updated this week
- The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.☆125Updated this week
- Cilium Certified Associate Certification Study Guide☆236Updated last year
- Kubernetes Stranger Danger☆62Updated last year
- Falco rule repository☆118Updated this week
- The Kubernetes Security Profiles Operator☆753Updated this week
- Damn Vulnerable Kubernetes App (DVKA) is a series of apps deployed on Kubernetes that are damn vulnerable.☆138Updated 2 weeks ago
- Kubernetes Operator to sync secrets between different secret backends and Kubernetes☆162Updated 3 months ago
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).☆59Updated last week
- Unguard is an insecure cloud-native microservices demo application.☆49Updated last week
- sigstore the hard way!☆111Updated 11 months ago
- KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and files…☆38Updated 6 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆82Updated 3 months ago