Use Tetragon to Limit Network Usage for a set of Binary

• tetragon

  11 3,282 9.9 Go

  eBPF-based Security Observability and Runtime Enforcement

  

Many interesting software are coming from the community, many are distributed through the package manager of the operating system. But for the others, you can download them from Github release pages, use snap or homebrew to cite a few. But this last installation method bypasses the security team that tries to improve the security of your operating system. By doing so, you are implicitly trusting the author he is not distributing malware or implementing backdoors. How many tools did you install by hand? Do you really trust all of them? Confidence is very important, yet it would be nice to limit capabilities for a set of binary that you don't fully trust. In this blog post, we will use Tetragon to forbid network usage for tools that don't need to.

• jq

  52 29,042 9.4 C

  Command-line JSON processor

  

jq

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• k9s

  126 24,857 9.4 Go

  🐶 Kubernetes CLI To Manage Your Clusters In Style!

k9s

• jless

  34 4,487 6.3 Rust

  jless is a command-line JSON viewer designed for reading, exploring, and searching through JSON data.

jless

• yq

  66 10,802 9.2 Go

  yq is a portable command-line YAML, JSON, XML, CSV, TOML and properties processor

yq

• helm

  206 26,013 9.0 Go

  The Kubernetes Package Manager

  

helm

Suggest a related project