kondukto-io / kntrlLinks
kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this by monitoring kernel calls, and denying access as soon as your defined behaviour is detected. For more: https://kntrl.dev
☆116Updated 3 months ago
Alternatives and similar repositories for kntrl
Users that are interested in kntrl are comparing it to the libraries listed below
Sorting:
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆110Updated 3 weeks ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆109Updated 7 months ago
- A tool for preventing the installation of malicious npm and PyPI packages☆158Updated last week
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆104Updated last year
- Runtime Security Solution for your CI/CD Pipeline☆108Updated 2 months ago
- The security workflow engine!☆118Updated last week
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆40Updated 11 months ago
- ☆71Updated 3 weeks ago
- Attaché provides an emulation layer for Cloud Provider IMDS APIs☆59Updated last year
- ☆82Updated last month
- ☆56Updated this week
- ☆114Updated 2 weeks ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆55Updated 7 months ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated last year
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆31Updated 10 months ago
- A security tool designed to help review merged code changes to open source maintained repositories via LLM assisted review to safeguard a…☆30Updated 10 months ago
- boostsecurityio/poutine☆309Updated last week
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Updated last year
- ☆82Updated 7 months ago
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆83Updated last year
- Validate the isolation posture of your container environment.☆297Updated 2 weeks ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- ☆179Updated 4 months ago
- Semgrep-based Policy Controller for Kubernetes☆47Updated 4 months ago
- ☆102Updated 6 months ago
- Curating Falco rules with MITRE ATT&CK Matrix☆83Updated last year
- Scans your Github Actions for security issues☆82Updated last week
- Compares and analyzes GCP IAM roles.☆77Updated 5 months ago
- Damn Vulnerable Kubernetes App (DVKA) is a series of apps deployed on Kubernetes that are damn vulnerable.☆184Updated last week
- A tool to check the security settings of Github Organizations.☆72Updated 2 years ago