Community curated list of System and Network policy templates for the KubeArmor and Cilium
☆51May 26, 2026Updated 3 weeks ago
Alternatives and similar repositories for policy-templates
Users that are interested in policy-templates are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Discover least permissive security posture, Network Microsegmentation, and Application behaviour based on visibility/observability data e…☆35May 19, 2025Updated last year
- KubeArmor cli tool aka kArmor☆45Updated this week
- AccuKnox CI/CD Action for IaC Security Scan☆19May 15, 2026Updated last month
- AccuKnox CI/CD Action for Container Security Scan☆18Feb 26, 2026Updated 3 months ago
- Intent driven security automation framework☆27Aug 12, 2025Updated 10 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Infrastructure-as-code for a serverless knowledge base using Amazon Bedrock, Aurora PostgreSQL (with pgvector), Lambda, and S3. This setu…☆19Mar 23, 2025Updated last year
- Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (…☆2,139Updated this week
- ☆55Mar 31, 2026Updated 2 months ago
- 🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their sig…☆79Dec 4, 2025Updated 6 months ago
- LLVM trunk with poolalloc trunk modified to compile only DSA☆12Jul 9, 2015Updated 10 years ago
- ⚡ k8s event logger operator - logs configured events to stdout in order to not lose them☆10Updated this week
- A curated collection of scripts for kernel-related devops☆14Nov 23, 2023Updated 2 years ago
- Spectre variant 1 exploitation via PRIME+PROBE☆10May 22, 2019Updated 7 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆153Feb 16, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- This is the code repository for **Prompting Client**☆15Updated this week
- ☆18Oct 9, 2023Updated 2 years ago
- ☆11Nov 22, 2021Updated 4 years ago
- ☆113Mar 29, 2026Updated 2 months ago
- kCFI Documentation☆15Apr 18, 2017Updated 9 years ago
- trust-manager is an operator for distributing trust bundles across a Kubernetes cluster.☆382Updated this week
- Kyverno extension service for Notation and the AWS signer☆16Mar 24, 2026Updated 2 months ago
- Detect intrusions that happened in your Kubernetes cluster through audit logs using Falco☆63Jun 2, 2021Updated 5 years ago
- This rap optimizations and hl_cfi have be merged in hardenedlinux/linux-unofficial_grsec☆17Oct 3, 2019Updated 6 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- An simple application with an HTTP server & SQLite database.☆16May 30, 2021Updated 5 years ago
- Automated recovery of Linux kernel build configurations☆26Jan 14, 2022Updated 4 years ago
- Github Actions wrapper for vmtest☆12Jan 10, 2025Updated last year
- ansible roles to download and install empire (BC-Security),deathstar(byt3bl33der) and starkiller (BC-Security)☆24May 8, 2022Updated 4 years ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits☆141Feb 28, 2023Updated 3 years ago
- ☆36Jan 20, 2021Updated 5 years ago
- Proof-of-concept implementation for the paper "Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks" (…☆23Sep 24, 2023Updated 2 years ago
- A library and helper applications that form the basis for building the different Paketo-style JVM-providing buildpacks☆23Updated this week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆114Jan 2, 2025Updated last year
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- 读过的安全文章离线归档 | begin in 2023.11.23☆18Jun 4, 2024Updated 2 years ago
- Materials for https://fosdem.org/2020/schedule/event/golinux/ talk☆14Feb 2, 2020Updated 6 years ago
- Various examples of using eBPF code☆18Jan 3, 2024Updated 2 years ago
- The k8s-generic-webhook is a library to simplify the implementation of webhooks for arbitrary customer resources (CR) in the operator-sdk…☆15Updated this week
- Windows Terminal - Watch commands execute (similar to Unix/Linux watch command) with color highlights.☆14May 27, 2026Updated 3 weeks ago
- HTTP middleware for OpenFaaS☆13Apr 18, 2025Updated last year
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆24Apr 27, 2026Updated last month