Flask demo for presentation at Devops NG on Linux container hardening

Blogpost material: how to use a custom seccomp profile on a managed Kubernetes cluster

Tool to enable bind mounting between two paths that are both inside the container.

Using Rego (OPA) for applying policy on Kubernetes workloads

Tool to capture containers syscalls and generate a Seccomp profile

Flask demo for presentation at Devops NG on Linux container hardening

Merged to firejail; Find syscalls of executables for seccomp-bpf sandbox policies.

Isolated Firefox browser with pre-configured extensions. Customize with your own extensions as needed.

Docker Secure Computing Profile Generator

minT(oolkit): Mint awesome, secure and production ready containers just the way you need them! Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

OCI hook to trace syscalls and generate a seccomp profile

Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)