Community curated list of System and Network policy templates for the KubeArmor and Cilium
☆51May 15, 2026Updated 2 weeks ago
Alternatives and similar repositories for policy-templates
Users that are interested in policy-templates are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Discover least permissive security posture, Network Microsegmentation, and Application behaviour based on visibility/observability data e…☆34May 19, 2025Updated last year
- KubeArmor cli tool aka kArmor☆45May 21, 2026Updated last week
- AccuKnox CI/CD Action for Container Security Scan☆18Feb 26, 2026Updated 3 months ago
- A small library to alter AWS API requests; Used for fuzzing research☆22Nov 2, 2023Updated 2 years ago
- Intent driven security automation framework☆27Aug 12, 2025Updated 9 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Infrastructure-as-code for a serverless knowledge base using Amazon Bedrock, Aurora PostgreSQL (with pgvector), Lambda, and S3. This setu…☆19Mar 23, 2025Updated last year
- Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (…☆2,106Updated this week
- Code repository for experiments in SpecROP paper☆13Sep 3, 2021Updated 4 years ago
- https://breaking-bits.gitbook.io/breaking-bits/exploit-development/linux-kernel-exploit-development☆44Jan 15, 2022Updated 4 years ago
- ☆55Mar 31, 2026Updated last month
- 🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their sig…☆79Dec 4, 2025Updated 5 months ago
- Source code of the double-fetch bug detection approach based on Coccinelle engine☆10Jan 2, 2017Updated 9 years ago
- ⚡ k8s event logger operator - logs configured events to stdout in order to not lose them☆10May 18, 2026Updated last week
- A curated collection of scripts for kernel-related devops☆14Nov 23, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Linux kernel configs for popular distros.☆61Jan 23, 2026Updated 4 months ago
- ☆17Oct 9, 2023Updated 2 years ago
- Ledger Donjon CTF 2020☆17Nov 16, 2021Updated 4 years ago
- ☆112Mar 29, 2026Updated 2 months ago
- trust-manager is an operator for distributing trust bundles across a Kubernetes cluster.☆378Updated this week
- Detect intrusions that happened in your Kubernetes cluster through audit logs using Falco☆63Jun 2, 2021Updated 4 years ago
- Automated recovery of Linux kernel build configurations☆26Jan 14, 2022Updated 4 years ago
- ☆11Oct 29, 2021Updated 4 years ago
- Github Actions wrapper for vmtest☆12Jan 10, 2025Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Sbommage is an interactive terminal frontend for viewing Software Bill of Materials (SBOM) files in various formats.☆39Nov 10, 2025Updated 6 months ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆141Feb 28, 2023Updated 3 years ago
- A library and helper applications that form the basis for building the different Paketo-style JVM-providing buildpacks☆23May 23, 2026Updated last week
- ☆17Jan 14, 2026Updated 4 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆115Jan 2, 2025Updated last year
- 读过的安全文章离线归档 | begin in 2023.11.23☆18Jun 4, 2024Updated last year
- Sample app that prints the compute region it’s running on☆18Apr 24, 2024Updated 2 years ago
- Various examples of using eBPF code☆18Jan 3, 2024Updated 2 years ago
- LSM BPF module to block pwnkit (CVE-2021-4034) like exploits☆21Feb 17, 2022Updated 4 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Tool to extract the kallsyms (System.map) from a memory dump☆28Aug 17, 2023Updated 2 years ago
- The k8s-generic-webhook is a library to simplify the implementation of webhooks for arbitrary customer resources (CR) in the operator-sdk…☆16May 18, 2026Updated last week
- ☆25Jun 2, 2024Updated last year
- Windows Terminal - Watch commands execute (similar to Unix/Linux watch command) with color highlights.☆14Updated this week
- HTTP middleware for OpenFaaS☆13Apr 18, 2025Updated last year
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆24Apr 27, 2026Updated last month
- A helm plugin for ArgoCD to support the lookup function☆10Nov 16, 2022Updated 3 years ago