Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

📦 Make security testing of K8s, Docker, and Containerd easier.

veinmind-tools 是由长亭科技自研，基于 veinmind-sdk 打造的容器安全工具集

Metarget is a framework providing automatic constructions of vulnerable infrastructures.

A Blazing fast Security Auditing tool for Kubernetes

Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)

🧵 CLI tool for directly patching container images using reports from vulnerability scanners

awesome resources about cloud native security 🐿

k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.

A demo of cloud-native Inner Loop and Outer Loop controlling a 2-tier app (Python + Go) with Red Hat OpenShift using Tekton Pipelines, Argo CD GitOps, Eclipse Che aka OpenShift DevSpaces and Quay.io registry

Help building an adaptive and fine-grained pod security policy

Container Security Workshop covering using Falco on Kubernetes.

🔐 Docker Container for Penetration Testing & Security

Contains scripts for running anchore engine in CI pipelines

OpenShift Guide. Learn about the Red Hat OpenShift Container Platform, Data Science, Code Ready Containers, Podman, Buildah, and Kubernetes.

一个由长亭自研，直观而可扩展的容器安全 SDK

🧰 Multi Tool Kubernetes Pentest Image

Simplifying Seccomp enforcement in containerized or non-containerized apps

The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the CISO to facilitate the creation and enablement of secure EKS Clusters.