Containers from scratch

Running a rootless container in a few lines of Go code with just linux syscalls

Grumpy: Cosign Validator

Runs as validating admission controller to verify integrity of images

Harbor Enhanced Logging

Improving the security audit logging in Harbor using OpenResty & change of architectural design

Kubectl fields

Plugin to parse and search fields from kubectl resources hierarchy tree

Kubectl whisper secret

Plugin to create secrets with secure input prompt to prevent information leakages through terminal history, shoulder surfing attacks, etc

Malicious Admission Controller

Kubernetes Admission Controller Webhook Demo

Starboard Exporter

A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).

Trivy Operator

The Trivy operator automatically updates security reports in response to workload and other changes on a Kubernetes cluster & generating the reports

Trivy Operator App

App for deploying the Aqua Security Trivy operator