felix
KubeArmor
Our great sponsors
felix | KubeArmor | |
---|---|---|
1 | 3 | |
922 | 1,273 | |
0.0% | 6.7% | |
0.0 | 9.5 | |
5 months ago | 3 days ago | |
C | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
felix
-
Pod-to-pod encryption with Calico and Wireguard - where can I read up on this?
Yes, inter-node–the definitive source is in the felix repo, e.g., https://github.com/projectcalico/felix/blob/master/wireguard/wireguard.go
KubeArmor
-
Implement DevSecOps to Secure your CI/CD pipeline
Falco is a cloud native Kubernetes threat detection tool. It can detect unexpected behavior, intrusions, and data theft in real time. In the backend, it uses Linux eBPF technology to trace your system and applications at runtime. For example, it can detect if someone tries to read a secret file inside a container, access a pod as a root user, etc, and trigger a webhook or send logs to the monitoring system. There are similar tools like Tetragon, KubeArmor, and Tracee which also provide Kubernetes runtime security.
- KubeArmor: Container-Aware Runtime Security Enforcement System Using LSM
-
The State of FOSS in India
We're building a KubeArmor - a container-aware runtime security enforcement system n using LSMs - between India, Korea and the US
https://github.com/accuknox/kubearmor
What are some alternatives?
erda - An enterprise-grade Cloud-Native application platform for Kubernetes.
gvisor - Application Kernel for Containers
grype - A vulnerability scanner for container images and filesystems
cilium - eBPF-based Networking, Security, and Observability
dockle - Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
datree - Prevent Kubernetes misconfigurations from reaching production (again 😤 )! From code to cloud, Datree provides an E2E policy enforcement solution to run automatic checks for rule violations. See our docs: https://hub.datree.io
llama-go - Port of Facebook's LLaMA (Large Language Model Meta AI) in Golang with embedded C/C++
eBPF-Guide - eBPF (extended Berkeley Packet Filter) Guide. Learn all about the eBPF Tools and Libraries for Security, Monitoring , and Networking.
Virtualization-Emulation-Guide - Virtualization/Emulation Guide
jaeger - CNCF Jaeger, a Distributed Tracing Platform
Lean and Mean Docker containers - Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
cronn - cron service with extras