k8sstormcenter / honeycluster

Related projects ⓘ

Alternatives and complementary repositories for honeycluster

• falcosecurity / falco-talon
  Response Engine for managing threats in your Kubernetes
  ☆132Updated this week
• RichardoC / kube-audit-rest
  Kubernetes audit logging, when you don't control the control plane
  ☆65Updated this week
• in-toto / archivista
  Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…
  ☆73Updated this week
• bgeesaman / malicious-compliance
  Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"
  ☆66Updated 11 months ago
• raesene / Cloud-Native-Security-Talks
  ☆21Updated this week
• chainguard-dev / actions
  A collection of reusable Github Actions workflows.
  ☆119Updated this week
• stacklok / sigstore-the-hard-way
  sigstore the hard way!
  ☆110Updated 6 months ago
• knative-extensions / security-guard
  Runtime security plug to protect user containers
  ☆65Updated this week
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated last year
• octo-sts / app
  A GitHub App that acts like a Security Token Service (STS) for the Github API
  ☆139Updated this week
• slashben / beat-ac-cosign-verifier
  This is a POC repository showing how a Kubernetes Admission Controller can be made irrelevant when verifying container image signatures
  ☆12Updated last year
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated 10 months ago
• ChaosInTheCRD / Dexter
  Trust Dexter to ensure that all your images are pinned by digest for better security
  ☆29Updated last year
• wiz-sec-public / namespacehound
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆59Updated 8 months ago
• raesene / eathar
  ☆24Updated 6 months ago
• kubescape / sneeffer
  Sneefer is a PoC project showing how to filter out irrelevent vulnerabilities from container image vulnerability scan results. It is base…
  ☆26Updated last year
• checkpoint-restore / checkpointctl
  A tool for in-depth analysis of container checkpoints
  ☆101Updated this week
• google / containerdbg
  ☆74Updated 3 months ago
• shaneboulden / kacti
  ☆19Updated 2 months ago
• kubescape / cel-admission-library
  This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls…
  ☆48Updated last week
• DataDog / workload-security-evaluator
  Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.
  ☆30Updated last month
• jpts / kubectl-execws
  A replacement for "kubectl exec" that works over WebSocket connections.
  ☆35Updated 7 months ago
• sigstore / k8s-manifest-sigstore
  kubectl plugin for signing Kubernetes manifest YAML files with sigstore
  ☆79Updated last week
• controlplaneio / collie
  OSCAL and Kyverno Policy Demo for AWS
  ☆12Updated last year
• armosec / kubecop
  Runtime detection and response for malicious events in Kubernetes workloads
  ☆38Updated 8 months ago
• controlplaneio / badrobot
  BadRobot - Operator Security Audit Tool
  ☆215Updated last week
• praetorian-inc / snowcat
  a tool to audit the istio service mesh
  ☆173Updated 3 years ago
• kubescape / regolibrary
  The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.
  ☆121Updated this week
• 5GSEC / nimbus
  Intent driven security automation framework
  ☆25Updated 2 weeks ago
• wolfi-dev / wolfictl
  A CLI used to work with the Wolfi OSS project
  ☆57Updated this week