k8sstormcenter / honeyclusterLinks
Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - The detection capabilities can also be used as a SOC
☆49Updated this week
Alternatives and similar repositories for honeycluster
Users that are interested in honeycluster are comparing it to the libraries listed below
Sorting:
- This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls…☆55Updated last month
- Response Engine for managing threats in your Kubernetes☆163Updated last week
- sigstore the hard way!☆112Updated last year
- A kubectl plugin to visualize network policies rules.☆96Updated last year
- A Kubernetes CSI plugin to automatically mount SPIFFE certificates to Pods using ephemeral volumes☆80Updated last week
- Runtime detection and response for malicious events in Kubernetes workloads☆45Updated last year
- Administrative tooling for Falco☆107Updated last week
- Kubernetes audit logging, when you don't control the control plane☆81Updated last week
- Enterprise Distribution for Flux CD☆74Updated last week
- A tool for in-depth analysis of container checkpoints☆118Updated 3 weeks ago
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆84Updated 2 weeks ago
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).☆61Updated last week
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆60Updated 2 weeks ago
- approver-policy is a cert-manager approver that allows users to define policies that restrict what certificates can be requested.☆83Updated last week
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- Kyverno for any JSON!☆83Updated 5 months ago
- A replacement for "kubectl exec" that works over WebSocket connections.☆40Updated last year
- Contains documentation for projectsveltos☆92Updated this week
- Runtime security plug to protect user containers☆65Updated last week
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆133Updated this week
- Scans SBOMs for vulnerabilities with Grype☆82Updated last week
- Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-u…☆65Updated last week
- Intent driven security automation framework☆26Updated last week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆100Updated 5 months ago
- 🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their sig…☆78Updated last year
- Falco plugins registry☆97Updated last week
- A CLI used to work with the Wolfi OSS project☆62Updated last week
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆63Updated last week
- A simple WebUI with latest events from Falco☆121Updated 2 months ago
- A collection of reusable Github Actions workflows.☆133Updated this week