falcosecurity / rulesLinks
Falco rule repository
☆140Updated this week
Alternatives and similar repositories for rules
Users that are interested in rules are comparing it to the libraries listed below
Sorting:
- Falco plugins registry☆104Updated this week
- Generate a variety of suspect actions that are detected by Falco rulesets☆110Updated 5 months ago
- Response Engine for managing threats in your Kubernetes☆173Updated last month
- Runtime detection and response for malicious events in Kubernetes workloads☆46Updated last year
- Connect Falco to your ecosystem☆623Updated last week
- The Falco Project Community☆56Updated 4 months ago
- Community curated list of System and Network policy templates for the KubeArmor and Cilium☆48Updated 2 weeks ago
- Tool for building Kubernetes attack paths☆915Updated 3 weeks ago
- Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego☆351Updated 7 months ago
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆87Updated last year
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated last year
- Trivy's misconfiguration scanning engine☆216Updated 9 months ago
- Use Trivy as a plug-in vulnerability scanner in the Harbor registry☆225Updated last year
- The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.☆128Updated 3 weeks ago
- ☆281Updated 3 weeks ago
- A simple WebUI with latest events from Falco☆128Updated last week
- Process documentation, non-code deliverables, and miscellaneous artifacts of Kubernetes SIG Security☆223Updated this week
- Runtime security plug to protect user containers☆66Updated last week
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities☆102Updated last year
- KBOM - Kubernetes Bill of Materials☆320Updated 2 months ago
- Kubernetes focused container assessment and context discovery tool for penetration testing☆467Updated last year
- OCI hook to trace syscalls and generate a seccomp profile☆335Updated 2 weeks ago
- Administrative tooling for Falco☆111Updated 2 weeks ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆111Updated 9 months ago
- SysFlow documentation and issues tracker☆45Updated last year
- Prometheus Metrics Exporter for Falco output events☆121Updated 6 months ago
- Create Kubernetes AdmissionReview requests from Kubernetes resource manifests☆161Updated 3 weeks ago
- Notice: Postee is no longer under active development or maintenance.☆208Updated last month
- Kit for building Falco drivers: kernel modules or eBPF probes☆67Updated this week
- Kubernetes audit logging, when you don't control the control plane☆88Updated this week