Search Results for "security linux"
Sort By:
Showing 25 open source projects for "security linux"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Auth0 B2B Essentials: SSO, MFA, and RBAC Built InAuth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
-
1
Pumba
Chaos testing, network emulation, stress testing tool for containers
Pumba is a chaos testing command line tool for Docker containers. Pumba disturbs your containers by crashing containerized applications, emulating network failures and stress-testing container resources (cpu, memory, fs, io, and others). -
2
StackRox Kubernetes
Performs a risk analysis of the container environment
The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment. StackRox integrates with every stage of the container lifecycle: build, deploy and runtime. The StackRox Kubernetes Security platform is built on the foundation of the product formerly known as Prevent, which itself was called Mitigate and Apollo. You may find... -
3
LINKERD
Ultralight, security-first service mesh for Kubernetes
Enterprise power without enterprise complexity. Linkerd adds security, observability, and reliability to any Kubernetes cluster. 100% open source, CNCF graduated, and written in Rust. Instantly add latency-aware load balancing, request retries, timeouts, and blue-green deploys to keep your applications resilient. Incredibly small and blazing fast Linkerd2-proxy micro-proxy written in Rust for security and performance. Self-contained control plane, incrementally deployable data plane, and... -
4
RBAC Manager
A Kubernetes operator that simplifies the management of Role Bindings
RBAC Manager is designed to simplify authorization in Kubernetes. This is an operator that supports declarative configuration for RBAC with new custom resources. Instead of managing role bindings or service accounts directly, you can specify a desired state and RBAC Manager will make the necessary changes to achieve that state. -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
5
Deckhouse
Kubernetes platform from Flant
Deckhouse is a Kubernetes platform that allows you to create homogeneous K8s clusters on any infrastructure. It manages clusters comprehensively and “automagically” and provides all necessary modules and add-ons for autoscaling, observability, security, and service mesh implementation. Deckhouse has vanilla Kubernetes under the hood and integrates a balanced set of Open Source tools that have become the industry standard. Out-of-the-box secure configuration of the Kubernetes cluster, least... -
6
Harbor
An open source trusted cloud native registry project that stores
Harbor is an open-source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open-source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build-and-run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control... -
7
kube2iam
Provides different AWS IAM roles for pods running on Kubernetes
Provide IAM credentials to containers running inside a Kubernetes cluster based on annotations. Traditionally in AWS, service level isolation is done using IAM roles. IAM roles are attributed through instance profiles and are accessible by services through the transparent usage by the aws-sdk of the ec2 metadata API. When using the aws-sdk, a call is made to the EC2 metadata API which provides temporary credentials that are then used to make calls to the AWS service. The problem is that in a... -
8
Trivy Operator
Kubernetes-native security toolkit
The Trivy Operator leverages Trivy to continuously scan your Kubernetes cluster for security issues. The scans are summarised in security reports as Kubernetes Custom Resource Definitions, which become accessible through the Kubernetes API. The Operator does this by watching Kubernetes for state changes and automatically triggering security scans in response. For example, a vulnerability scan is initiated when a new Pod is created. This way, users can find and view the risks that relate to... -
9
kcp Kubernetes
Kubernetes-like control planes for form-factors
kcp can be a building block for SaaS service providers who need a massively multi-tenant platform to offer services to a large number of fully isolated tenants using Kubernetes-native APIs. The goal is to be useful to cloud providers as well as enterprise IT departments offering APIs within their company. kcp takes full advantage of Kubernetes API conventions, the glue that binds the cloud-native technology ecosystem together and imbues Kubernetes popular end-user experience, but kcp has... -
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
10
Rancher
Complete container management platform
From datacenter to cloud to edge, Rancher lets you deliver Kubernetes-as-a-Service. Rancher is a complete software stack for teams adopting containers. It addresses the operational and security challenges of managing multiple Kubernetes clusters, while providing DevOps teams with integrated tools for running containerized workloads. From datacenter to cloud to edge, Rancher's open source software lets you run Kubernetes everywhere. You don’t need to figure Kubernetes out all on your own.... -
11
gVisor
Application Kernel for Containers
gVisor is an application kernel developed by Google that provides a strong layer of isolation between applications and the host operating system. Written in Go, it implements a Linux-compatible system call interface that runs entirely in user space, creating a secure sandboxed environment for containers. Unlike traditional virtual machines or lightweight syscall filters, gVisor follows a third approach that offers many of the security benefits of virtualization while maintaining the speed, resource efficiency, and flexibility of containers. ... -
12
KubeLinter
KubeLinter is a static analysis tool that checks Kubernetes YAML files
KubeLinter analyzes Kubernetes YAML files and Helm charts, and checks them against a variety of best practices, with a focus on production readiness and security. KubeLinter runs sensible default checks, designed to give you useful information about your Kubernetes YAML files and Helm charts. This is to help teams check early and often for security misconfigurations and DevOps best practices. Some common examples of these include running containers as a non-root user, enforcing least... -
13
Envoy Gateway
Manages Envoy Proxy as a Standalone or Kubernetes-based Gateway
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. Based on Gateway API, with reasonable default settings to simplify the Envoy user experience, without knowing details of Envoy proxy. Automatically Envoy infrastructure provisioning and management. Support for heterogeneous environments. Initially, Kubernetes will receive the most focus. Vendors will have the ability to provide value-added products built on the Envoy... -
14
Kuma
The multi-zone service mesh for containers, Kubernetes and VMs
Kuma is a modern Envoy-based service mesh that can run on every cloud, in a single or multi-zone capacity, across both Kubernetes and VMs. Thanks to its broad universal workload support, combined with native support for Envoy as its data plane proxy technology (but with no Envoy expertise required), Kuma provides modern L4-L7 service connectivity, discovery, security, observability, routing, and more across any service on any platform, databases included. Easy to use, with built-in service... -
15
Kube-OVN
A Bridge between SDN and Cloud Native (Project under CNCF)
If you miss the good old days of SDN, then Kube-OVN is your choice in Cloud Native era. Kube-OVN, a CNCF Sandbox Level Project, integrates the OVN-based Network Virtualization with Kubernetes. It offers an advanced Container Network Fabric for Enterprises with the most functions, extreme performance and the easiest operation. Each Namespace can have a unique Subnet (backed by a Logical Switch). Pods within the Namespace will have IP addresses allocated from the Subnet. It's also possible for... -
16
KubeClarity
KubeClarity is a tool for detection and management of vulnerabilities
KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security. Effective vulnerability scanning requires an accurate Software Bill Of Materials (SBOM) detection. KubeClarity includes a CLI that can be run locally and especially useful for CI/CD pipelines. It allows to analyze images and directories to generate... -
17
Apache APISIX for Kubernetes
APISIX Ingress Controller for Kubernetes
Apache APISIX provides rich traffic management features like Load Balancing, Dynamic Upstream, Canary Release, Circuit Breaking, Authentication, Observability, etc. Apache APISIX provides open source API Gateway to help you manage microservices, delivering the ultimate performance, security, and scalable platform for all your APIs and microservices. Apache APISIX is the first open-source API Gateway that includes a built-in low-code Dashboard, which offers a powerful and flexible UI for... -
18
Gloo Gateway
The Feature-rich, Kubernetes-native, Next-Generation API Gateway
Gloo Gateway is a powerful Kubernetes-native ingress controller and API gateway that is based on the Kubernetes Gateway API. It excels in function-level routing, supports legacy apps, microservices and serverless, offers robust discovery capabilities, integrates seamlessly with open-source projects, and is designed to support hybrid applications with various technologies, architectures, protocols, and clouds. -
19
Moby
Project for the container ecosystem to assemble containe-based systems
...At the core of Moby is a framework to assemble specialized container systems which provides a library of containerized components for all vital aspects of a container system, OS, container runtime, orchestration, infrastructure management, networking, storage, security, build, image distribution, etc. Tools to assemble the components into runnable artifacts for a variety of platforms and architectures: bare metal (both x86 and Arm); executables for Linux, Mac and Windows; VM images for popular cloud and virtualization providers. -
20
audit2rbac
Autogenerate RBAC policies based on Kubernetes audit logs
audit2rbac takes a Kubernetes audit log and username as input, and generates RBAC role and binding objects that cover all the API requests made by that user. -
21
Bank Vaults
K8s operator, Go client with automatic token renewal
The Vault Swiss Army knife, which makes enterprise-grade security attainable on Kubernetes. It has many 'blades' that cut through the security problem: the Bank-Vaults operator provides automation; a Go client with automatic token renewal that provides dynamic secret generation, multiple unseal options, and more; a CLI tool to initialize, unseal and configure Vault with authentication methods and secret engines; and direct secret injection into Pods to reduce the attack surface. Automates... -
22
Pipeline
Banzai Cloud Pipeline is a solution-oriented application platform
Banzai Cloud Pipeline is a solution-oriented application platform which allows enterprises to develop, deploy and securely scale container-based applications in multi- and hybrid-cloud environments. Banzai Pipeline, or simply Pipeline is a tabletop reef break located in Hawaii, Oahu's North Shore. The most famous and infamous reef in the universe is the benchmark by which all other waves are measured. Banzai Cloud Pipeline is a solution-oriented application platform which allows enterprises... -
23
Singularity
Open source container platform designed to be simple, fast, and secure
Singularity is an open-source container platform designed to be simple, fast, and secure. Many container platforms are available, but Singularity is designed for ease of use on shared systems and in high-performance computing (HPC) environments. -
24
kiam
Integrate AWS IAM with Kubernetes
kiam runs as an agent on each node in your Kubernetes cluster and allows cluster users to associate IAM roles with Pods. [a] role is similar to a user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a role is intended to be assumed by anyone who needs it. Also, a role does not have any credentials (password or access keys) associated with it. Instead, if a user is... -
25
pico
A Git-driven task runner built to facilitate GitOps and Infrastructure
Pico is a Git-driven task runner built to facilitate GitOps and Infrastructure-as-Code while securely passing secrets to tasks. What once was a place to chat and collaborate with people across the planet is now a platform for the commercialization of products and services. At the seat of the modern web is the browser. The modern browser is very much like an operating system, both in terms of complexity and code size. Only massive corporations can build and maintain it. Further, the web...
- Previous
- You're on page 1
- Next
