microsoft / Threat-Matrix-for-KubernetesLinks
Microsoft Defender for Cloud threat matrix for Kubernetes
☆26Updated 2 years ago
Alternatives and similar repositories for Threat-Matrix-for-Kubernetes
Users that are interested in Threat-Matrix-for-Kubernetes are comparing it to the libraries listed below
Sorting:
- Threat Modeling (based on STRIDE approach) for Kubernetes systems.☆25Updated 11 months ago
- ☆89Updated 4 months ago
- kubernetes-for-soc aims to fast-track the learning curve for SOC analysts by enabling them to swiftly grasp the essential concepts and kn…☆56Updated last year
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆109Updated 9 months ago
- ☆114Updated last month
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆32Updated 11 months ago
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆40Updated last year
- SBOM Move - Automate build and transfer of SBOMs across systems☆23Updated this week
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆58Updated 2 years ago
- Cloud Security Posture security policies☆32Updated last year
- ☆181Updated 5 months ago
- A tool for preventing the installation of malicious npm and PyPI packages☆165Updated this week
- The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.☆127Updated this week
- Threat model for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based ap…☆59Updated 2 years ago
- Slack alert bot for matching Github Audit Events☆10Updated 10 months ago
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities☆102Updated 11 months ago
- vexctl is a tool to attest VEX impact statements☆45Updated 2 years ago
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …☆119Updated last week
- A tool to create, transform and attest VEX metadata☆155Updated last week
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆104Updated last year
- The security workflow engine!☆122Updated last week
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆72Updated 2 years ago
- Attaché provides an emulation layer for Cloud Provider IMDS APIs☆60Updated last year
- ☆56Updated 2 weeks ago
- ☆16Updated last year
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- ☆75Updated 6 months ago
- ☆56Updated this week
- ☆74Updated 4 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆137Updated last year