kubernix
falco
kubernix | falco | |
---|---|---|
1 | 42 | |
741 | 6,913 | |
- | 1.4% | |
0.0 | 9.8 | |
over 1 year ago | 5 days ago | |
Rust | C++ | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kubernix
-
Top 200 Kubernetes Tools for DevOps Engineer Like You
Okteto: A Tool for Cloud Native Developers - Build better applications by developing and testing your code directly in Kubernetes Tilt: Tilt manages local development instances for teams that deploy to Kubernetes - Local Kubernetes development with no stress Garden: Kubernetes from source to finish - Development orchestrator for Kubernetes, containers and functions. KuberNix - Single dependency Kubernetes clusters for local testing, experimenting and development Copper - A configuration file validator for Kubernetes ko - Build and deploy Go applications on Kubernetes Dekorate - Java annotation processors for Kubernetes Lens IDE The Kubernetes IDE Kosko - Organize Kubernetes manifests in JavaScript Telepresence - Fast, local development for Kubernetes and Openshift microservices Monokle - Desktop UI for managing Kubernetes manifests Kr8s - Desktop application made for developers that need to monitor and visualize their Kubernetes clusters in a user friendly GUI
falco
-
Cisco Acquires Splunk
https://github.com/falcosecurity/falco
Like snort, but looks at system calls.
-
Kubernetes security projects for entry grad roles in DevSecOps/Cloud security
From one noob to another - I had a lot of fun setting up Falco (https://falco.org) and creating custom policies & alerts.
-
An Overview of Kubernetes Security Projects at KubeCon Europe 2023
Falco is a well-known open source security solution originally created by Sysdig. Itβs a CNCF incubating project and one of the few (as far as I can tell) options on this list that uses eBPF to scan for vulnerabilities.
-
K8s secret management
Use some kind of SIEM or Falco to alert you to threats (you can't stop them, but a human can always intervene)
-
How to Deploy and Scale Strapi on a Kubernetes Cluster 2/2
Falco, is a security project that can help you detect threats from within your cluster.
- Opensource IDS for Kubernetes??
-
Go based eBPF projects
https://falco.org/ is a security-focused monitoring and alerting with an eBPF option
- Is there a utility that can send shell command to all pods?
- eBPF β Running sandboxed programs in a privileged context such as OS kernel
-
My GoLab 2022 experience
On the cgo side I want to highlight two talks: one from Loris Cro about dealing with cross-complition difficulties, that the usage of cgo brings, using the Zig language and the other from Jason Dellaluce and Leonardo Grasso about how to extend Falco, a Kubernetes threat detection engine, which is written in C++, with plugins written in Go, explaining the challenges of integrating cgo in both C and Go.
What are some alternatives?
nix-doc - An interactive Nix documentation tool providing a CLI for function search, a Nix plugin for docs in the REPL, and a ctags implementation for Nix script
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
pandit - My Final Year Project. A distributed proxy that converts applications into gRPC Services. Provides powerful user-defined caching strategies.
Kyverno - Kubernetes Native Policy Management
jaeger - CNCF Jaeger, a Distributed Tracing Platform
OSQuery - SQL powered operating system instrumentation, monitoring, and analytics.
argo-cd - Declarative Continuous Deployment for Kubernetes
gatekeeper - π Gatekeeper - Policy Controller for Kubernetes
kubectx - Faster way to switch between clusters and namespaces in kubectl
kubescape - Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
thanos - Highly available Prometheus setup with long term storage capabilities. A CNCF Incubating project.
istio - Connect, secure, control, and observe services.