Container Security
Showing 31 of 31 projects
A comprehensive security scanner that finds vulnerabilities, misconfigurations, secrets, and SBOMs in containers, Kubernetes, code, and clouds.
Minimal Docker images containing only your application and runtime dependencies, without package managers or shells.
An application kernel for containers that provides strong isolation by implementing a Linux-like interface in memory-safe Go.
A tool to build container images from a Dockerfile inside a container or Kubernetes cluster without a Docker daemon.
An open-source unified XDR and SIEM platform for threat prevention, detection, and response across endpoints and cloud workloads.
A lightweight CLI tool for spawning and running Linux containers according to the OCI specification.
A smarter Dockerfile linter that helps you build best practice Docker images by parsing the Dockerfile AST and linting inline bash.
A smarter Dockerfile linter that helps you build best practice Docker images by parsing the AST and linting inline Bash.
A vulnerability scanner for container images, filesystems, and SBOMs to detect known security issues.
A vulnerability scanner for container images, filesystems, and SBOMs to detect known security issues.
Static vulnerability analysis for container images (OCI/Docker) via an API that indexes and matches against known security flaws.
Open-source vulnerability static analysis tool for container images (OCI/Docker) via API-based indexing and matching.
A command-line tool for performing operations on container images and registries without requiring a daemon or root privileges.
A script that checks for dozens of common best-practices around deploying Docker containers in production.
A cloud native runtime security tool for Linux that detects abnormal behavior and security threats in real-time.
A CLI tool and Go library for generating Software Bill of Materials (SBOM) from container images and filesystems.
A CLI tool and Go library for generating Software Bill of Materials (SBOM) from container images and filesystems.
A pod-native container engine for Linux designed to be secure, composable, and standards-based.
A pod-native container engine for Linux designed to be secure, composable, and standards-based.
A tool for signing and verifying container images and other artifacts using the Sigstore framework.
An intentionally vulnerable Kubernetes cluster environment for hands-on security training and practice.
Open source CNAPP that hunts for threats in cloud native platforms, ranks them by risk, and visualizes attack paths.
A simple Go-based tool to step down from root and execute a process as another user, designed for Docker containers.
A production-ready Dockerfile template with security-focused best practices for building reliable container images.
A comprehensive cheat sheet for Docker commands covering installation, container management, networking, security, and Docker Swarm.
A lightweight Linux process isolation tool using namespaces, cgroups, rlimits, and seccomp-bpf syscall filters for enhanced security.
A CLI tool for analyzing and comparing Docker container images across multiple criteria like file system, packages, and history.
A standalone tool that finds unprotected secrets like passwords and API keys in container images and file systems.
A curated list of awesome Linux container frameworks, libraries, software, and resources for developers and DevOps engineers.
A curated list of awesome Linux container frameworks, libraries, software, and resources for developers and DevOps engineers.
An open-source artifact metadata API for auditing and governing software supply chains.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.