k8sstormcenter / honeycluster
Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - for kind (and GKE, RKE2, AKS)
☆27Updated this week
Alternatives and similar repositories for honeycluster:
Users that are interested in honeycluster are comparing it to the libraries listed below
- Kubernetes audit logging, when you don't control the control plane☆67Updated this week
- Runtime detection and response for malicious events in Kubernetes workloads☆39Updated 10 months ago
- ☆19Updated 4 months ago
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆57Updated this week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆77Updated 2 weeks ago
- Response Engine for managing threats in your Kubernetes☆147Updated this week
- This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls…☆50Updated last month
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆66Updated last year
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- etcd-k8s-extract takes in an etcd data directory or db file used in kubernetes, extracts the kubernetes resources and then writes the res…☆27Updated 2 weeks ago
- An SBOM query language and associated utilities☆54Updated 11 months ago
- A kubectl plugin to visualize network policies rules.☆94Updated 10 months ago
- A pane of glass between you and your Kubernetes clusters.☆45Updated last year
- ☆74Updated last month
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆78Updated this week
- Runtime security plug to protect user containers☆65Updated last week
- Scans SBOMs for vulnerabilities with Grype☆79Updated this week
- sigstore the hard way!☆110Updated 8 months ago
- This repository contains the code used during my demo at BSidesNYC 2023 where I presented a new method for analysing volatile memory in G…☆1Updated 3 months ago
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆79Updated last month
- Kyverno for any JSON!☆78Updated last week
- Enterprise Distribution for Flux CD☆68Updated this week
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).☆59Updated this week
- A collection of reusable Github Actions workflows.☆122Updated last week
- A tool for in-depth analysis of container checkpoints☆104Updated last month
- K8s-Secret-Expiry-Controller is a Kubernetes operator that manages and tracks the lifespan of Kubernetes secrets.☆14Updated last year
- The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.☆123Updated this week
- approver-policy is a cert-manager approver that allows users to define policies that restrict what certificates can be requested.☆69Updated this week
- ☆20Updated last year