kinvolk / seccompagent
agent for handling seccomp descriptors for container runtimes
☆46Updated last year
Alternatives and similar repositories for seccompagent:
Users that are interested in seccompagent are comparing it to the libraries listed below
- A replacement for "kubectl exec" that works over WebSocket connections.☆38Updated last year
- A tool for in-depth analysis of container checkpoints☆114Updated this week
- Kit for building Falco drivers: kernel modules or eBPF probes☆65Updated last week
- ptrace-based event producer for udig☆67Updated 2 years ago
- ☆25Updated last year
- 🐝 BPFBox 📦 Exploring process confinement in eBPF☆102Updated last year
- Making containers more secure with eBPF and Linux Security Modules (LSM)☆228Updated 11 months ago
- Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - for kind (and GKE, RKE2, AKS)☆43Updated this week
- Administrative tooling for Falco☆102Updated last week
- Find your favorite eBee☆67Updated 3 weeks ago
- Library to work with linux namespaces in go☆34Updated last year
- A process level network security monitoring and enforcement project for Kubernetes, using eBPF☆43Updated 4 years ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆132Updated 3 months ago
- A command line tool to automatically generate seccomp profiles.☆25Updated 4 years ago
- Evolution process of The Falco Project☆52Updated this week
- Various eBPF programs for tracing network connections☆30Updated 3 years ago
- Add oci hooks to Docker☆63Updated last year
- Shape your traffic the BPF way☆79Updated last year
- Falco plugins registry☆94Updated this week
- Generate an application profile containing metrics/properties for Kubernetes workloads based on runtime behavior.☆14Updated 7 months ago
- sigstore the hard way!☆111Updated 11 months ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆147Updated 3 years ago
- Simple tool that allows you to detect imposter commits in GitHub Actions workflows.☆23Updated 4 months ago
- Discover least permissive security posture, Network Microsegmentation, and Application behaviour based on visibility/observability data e…☆32Updated 3 weeks ago
- Community curated list of System and Network policy templates for the KubeArmor and Cilium☆44Updated last month
- Generate a variety of suspect actions that are detected by Falco rulesets☆105Updated last month
- OCI hook to trace syscalls and generate a seccomp profile☆323Updated last week
- Operator to deploy confidential containers runtime☆132Updated this week
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- An query language and interactive tooling to work with SBOM data.☆14Updated 6 months ago