python-tuf
falco
python-tuf | falco | |
---|---|---|
3 | 42 | |
1,588 | 6,964 | |
0.6% | 1.9% | |
9.3 | 9.8 | |
7 days ago | about 23 hours ago | |
Python | C++ | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
python-tuf
-
PyUpdater is not maintained anymore... even if we integrate Python-TUF in it?
Using Python-TUF, but it's purpose is not to package app, check new version and apply updates and patches, so a non negligible layer of development is needed to achieve the same work as the first choices.
-
An Overview of Kubernetes Security Projects at KubeCon Europe 2023
Confusingly named, it’s not a framework, but a specification that developers can follow when implementing their update systems to help users know they can trust the updates they receive. There’s also a Python reference implementation.
-
PyUpdater is no longer maintained. What now? - Tufup: automated updates for stand-alone Python applications.
Hello world! I want to recommend a wonderful open-source package called Tufup. It's a simple software updater for stand-alone Python applications. This package was created as a replacement for PyUpdater, given the fact that PyUpdater has been archived and is no longer maintained. However, whereas PyUpdater implements a custom security mechanism to ensure authenticity (and integrity) of downloaded update files, Tufup is built on top of the security mechanisms implemented in the python-tuf package, a.k.a. TUF (The Update Framework). By entrusting the design of security measures to security professionals, Tufup can focus on high-level tools.
falco
-
Cisco Acquires Splunk
https://github.com/falcosecurity/falco
Like snort, but looks at system calls.
-
Kubernetes security projects for entry grad roles in DevSecOps/Cloud security
From one noob to another - I had a lot of fun setting up Falco (https://falco.org) and creating custom policies & alerts.
-
An Overview of Kubernetes Security Projects at KubeCon Europe 2023
Falco is a well-known open source security solution originally created by Sysdig. It’s a CNCF incubating project and one of the few (as far as I can tell) options on this list that uses eBPF to scan for vulnerabilities.
-
K8s secret management
Use some kind of SIEM or Falco to alert you to threats (you can't stop them, but a human can always intervene)
-
How to Deploy and Scale Strapi on a Kubernetes Cluster 2/2
Falco, is a security project that can help you detect threats from within your cluster.
- Opensource IDS for Kubernetes??
-
Go based eBPF projects
https://falco.org/ is a security-focused monitoring and alerting with an eBPF option
- Is there a utility that can send shell command to all pods?
- eBPF – Running sandboxed programs in a privileged context such as OS kernel
-
My GoLab 2022 experience
On the cgo side I want to highlight two talks: one from Loris Cro about dealing with cross-complition difficulties, that the usage of cgo brings, using the Zig language and the other from Jason Dellaluce and Leonardo Grasso about how to extend Falco, a Kubernetes threat detection engine, which is written in C++, with plugins written in Go, explaining the challenges of integrating cgo in both C and Go.
What are some alternatives?
WARP-UNLIMITED-ADVANCED - Get unlimited amount of data in Cloudflare's WARP VPN🔥
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
PyUpdater - Pyinstaller auto-update library
Kyverno - Kubernetes Native Policy Management
tufup-example - Example of a self-updating application using tufup.
OSQuery - SQL powered operating system instrumentation, monitoring, and analytics.
tufup - Automated updates for stand-alone Python applications.
gatekeeper - 🐊 Gatekeeper - Policy Controller for Kubernetes
kubeclarity - KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems
kubescape - Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
dependency-track - Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
istio - Connect, secure, control, and observe services.