jatrost / awesome-kubernetes-threat-detection
A curated list of resources about detecting threats and defending Kubernetes systems.
⭐371 · Updated last year
Alternatives and similar repositories for awesome-kubernetes-threat-detection:
Users that are interested in awesome-kubernetes-threat-detection are comparing it to the libraries listed below
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments. ⭐271 · Updated 4 months ago
- 🧰 Multi Tool Kubernetes Pentest Image ⭐220 · Updated 5 months ago
- ⭐171 · Updated 2 months ago
- A full insecure kubernetes application for testing security tools ⭐64 · Updated this week
- This is a collection of threat detection rules / rules engines that I have come across. ⭐279 · Updated 8 months ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The … ⭐266 · Updated 11 months ago
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules. ⭐323 · Updated last year
- Curating Falco rules with MITRE ATT&CK Matrix ⭐77 · Updated 10 months ago
- OWASP Foundation Web Repository ⭐572 · Updated 11 months ago
- cloudgrep is grep for cloud storage ⭐324 · Updated last month
- Tool for building Kubernetes attack paths ⭐812 · Updated this week
- All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS. ⭐329 · Updated last year
- Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. Cl… ⭐161 · Updated 8 months ago
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat … ⭐179 · Updated 5 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix ⭐59 · Updated last year
- This repo contains IOC, malware and malware analysis associated with Public cloud ⭐247 · Updated 2 months ago
- Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide gui… ⭐222 · Updated 2 years ago
- A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code. ⭐186 · Updated last year
- Automated Attack Simulation in the Cloud, complete with detection use cases. ⭐554 · Updated 2 months ago
- ⭐111 · Updated 2 weeks ago
- An open project to list all publicly known cloud vulnerabilities and CSP security issues ⭐315 · Updated last week
- Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic ⭐284 · Updated 2 years ago
- Documenting your Threat Models with HCL ⭐413 · Updated 4 months ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations. ⭐105 · Updated 3 months ago
- Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego ⭐341 · Updated last year
- A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigatin… ⭐404 · Updated 3 weeks ago
- A list of cloud security tools and vendors. ⭐142 · Updated 4 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o… ⭐90 · Updated last year
- Generate datasets of cloud audit logs for common attacks ⭐195 · Updated 5 months ago
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur… ⭐134 · Updated last month