Tool to enable bind mounting between two paths that are both inside the container.

Flask demo for presentation at Devops NG on Linux container hardening

Merged to firejail; Find syscalls of executables for seccomp-bpf sandbox policies.

Docker Secure Computing Profile Generator

Isolated Firefox browser with pre-configured extensions. Customize with your own extensions as needed.

Blogpost material: how to use a custom seccomp profile on a managed Kubernetes cluster

Tool to capture containers syscalls and generate a Seccomp profile

Flask demo for presentation at Devops NG on Linux container hardening

Using Rego (OPA) for applying policy on Kubernetes workloads

OCI hook to trace syscalls and generate a seccomp profile

Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

minT(oolkit): Mint awesome, secure and production ready containers just the way you need them! Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)