grafeas / kritis
Deploy-time Policy Enforcer for Kubernetes applications
☆696Updated 5 months ago
Related projects: ⓘ
- Artifact Metadata API☆1,516Updated last month
- Kubernetes security tool for policy enforcement☆444Updated last year
- Autogenerate RBAC policies based on Kubernetes audit logs☆1,063Updated last year
- An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster☆436Updated this week
- A Kubernetes Admission Controller for verifying image trust.☆330Updated 3 weeks ago
- The SPIFFE Project☆1,465Updated last week
- Show who has RBAC permissions to perform actions on different resources in Kubernetes☆833Updated 2 months ago
- kube-scan: Octarine k8s cluster risk assessment tool☆794Updated last year
- 📚 The OPA Gatekeeper policy library☆633Updated this week
- A policy management tool for interacting with Gatekeeper☆382Updated last week
- Security risk analysis for Kubernetes resources☆508Updated 8 months ago
- Moved to https://github.com/aquasecurity/trivy-operator☆1,348Updated 2 months ago
- Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster☆864Updated last week
- Help building an adaptive and fine-grained pod security policy☆330Updated 11 months ago
- kubeaudit helps you audit your Kubernetes clusters against common security controls☆1,895Updated 3 weeks ago
- Kubernetes RBAC static analysis & visualisation tool☆671Updated last week
- Kubediff: a tool for Kubernetes to show differences between running state and version controlled configuration.☆1,182Updated 10 months ago
- The Kubernetes Security Profiles Operator☆678Updated this week
- A curated list of OPA related tools, frameworks and articles☆777Updated 3 weeks ago
- Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.☆1,235Updated last week
- Overview and docs☆423Updated last year
- Software Supply Chain Transparency Log☆880Updated last week
- in-toto is a framework to protect supply chain integrity.☆861Updated last week
- Reverse proxy to authenticate to managed Kubernetes API servers via OIDC.☆477Updated last month
- Security risk analysis for Kubernetes resources☆1,211Updated this week
- Integration of Clair and Docker Registry☆506Updated 11 months ago
- Automatically sync groups into Kubernetes RBAC☆239Updated 9 months ago
- The SPIFFE Runtime Environment☆1,775Updated this week
- RBAC in Kubernetes visualizer☆398Updated 3 years ago
- A working place for multi-tenancy related proposals and prototypes.☆955Updated last year