Slim(或SlimToolkit 、DockerSlim)是一个 Docker 镜像瘦身工具
Sandstorm is a self-hostable web productivity suite. It's implemented as a security-hardened web app package manager.
翻译 - Sandstorm是一个可自我托管的Web生产力套件。它被实现为具有安全性的Web应用程序包管理器。
Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or maki...
翻译 - 在线资源可帮助您准备参加CNCF / Linux Foundation CKS 2020“ Kubernetes认证的安全专家”认证考试。随着时间的推移,这不太可能是最新的完整列表-如果在此处添加一些内容,请提出拉取请求。
A stupid game for learning about containers, capabilities, and syscalls.
The Kubernetes Security Profiles Operator
vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that are ready to use out of the box.
A set of curated exercises to help you prepare for the CKS exam
minT(oolkit): Mint awesome, secure and production ready containers just the way you need them! Don't change anything in your container image and minify it by up to 30x (and for compiled languages even...
🔍 Seccomp profiling and function-level tracing tool.
Rust implementation of PRoot, a ptrace-based sandbox
Simplifying Seccomp enforcement in containerized or non-containerized apps
Build custom Docker seccomp profiles for containers by finding syscalls it uses.
Go library for installing a seccomp BPF system call filter.
Record process launches and files read and written by each process