thought-machine / falco-probes
Automated build and mirror of eBPF kernel probes for use as a driver with the Falco runtime security agent (https://falco.org/)
☆16Updated 4 months ago
Related projects: ⓘ
- A tool for in-depth analysis of container checkpoints☆95Updated last month
- Ebpf faqs, samples, tooling☆43Updated 3 years ago
- agent for handling seccomp descriptors for container runtimes☆41Updated 7 months ago
- A process level network security monitoring and enforcement project for Kubernetes, using eBPF☆40Updated 4 years ago
- Kit for building Falco drivers: kernel modules or eBPF probes☆64Updated last week
- Tutorials about Cilium and SPIRE integration☆27Updated 2 years ago
- Kubernetes audit logging, when you don't control the control plane☆64Updated this week
- 🐝 BPFBox 📦 Exploring process confinement in eBPF☆98Updated 8 months ago
- A repository to store Rad Fingerprinting data.☆23Updated last month
- Utilities for Cilium networking performance evaluation☆55Updated 3 years ago
- ☆35Updated 3 years ago
- Code coverage tooling for eBPF☆35Updated last month
- Manage AppAmormor profiles for Kubernetes cluster☆37Updated 11 months ago
- Evolution process of The Falco Project☆48Updated this week
- ☆23Updated 3 years ago
- ptrace-based event producer for udig☆66Updated 2 years ago
- Intent driven security automation framework☆23Updated this week
- Operator to deploy confidential containers runtime☆107Updated last week
- Links and resources for the O'Reilly Kubernetes Security book☆39Updated 6 years ago
- Administrative tooling for Falco☆88Updated this week
- Cloud Native Security Hub - Security Resources☆55Updated 4 years ago
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- Falco plugins registry☆82Updated this week
- Discover least permissive security posture, Network Microsegmentation, and Application behaviour based on visibility/observability data e…☆30Updated 11 months ago
- A replacement for "kubectl exec" that works over WebSocket connections.☆27Updated 5 months ago
- Docker Secure Computing Profile Generator☆47Updated 2 years ago
- A tool to render a pie chart of memory usage (bytes_memlock) of BPF maps on the system 🥧☆18Updated 3 months ago
- Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-u…☆62Updated this week
- Common code for hardening benchmarks☆10Updated 7 months ago
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆123Updated last week