Container Security

56 projects

Showing 36 of 56 projects

A comprehensive security scanner that finds vulnerabilities, misconfigurations, secrets, and SBOMs in containers, Kubernetes, code, and clouds.

#sbom#container-security#vulnerability

Stars36.1k

Forks458

Last commit3 days ago

distrolessStarlark

Minimal Docker images containing only your application and runtime dependencies, without package managers or shells.

#container-security#bazel#devops

Stars22.7k

Forks1.4k

Last commit4 days ago

gvisorGo

An application kernel for containers that provides strong isolation by implementing a Linux-like interface in memory-safe Go.

#container-security#sandbox#oci

An open-source unified XDR and SIEM platform for threat prevention, detection, and response across endpoints and cloud workloads.

#container-security#siem#malware-detection

A tool to build container images from a Dockerfile inside a container or Kubernetes cluster without a Docker daemon.

#google-container-tools#container-security#developer-tools

Stars15.8k

Forks1.5k

Last commit1 year ago

runcGo

A lightweight CLI tool for spawning and running Linux containers according to the OCI specification.

#container-security#container-runtime#container-lifecycle

Stars13.3k

Forks2.3k

Last commit3 days ago

GrypeGo

A vulnerability scanner for container images, filesystems, and SBOMs to detect known security issues.

#container-security#vulnerability#sbom-analysis

Stars12.3k

Forks805

Last commit3 days ago

GrypeGo

A vulnerability scanner for container images, filesystems, and SBOMs to detect known security issues.

#container-security#vulnerability#sbom-analysis

Stars12.3k

Forks805

Last commit3 days ago

hadolintHaskell

A smarter Dockerfile linter that helps you build best practice Docker images by parsing the AST and linting inline Bash.

#haskell#container-security#shellcheck

Stars12.2k

Forks495

Last commit7 days ago

Haskell Dockerfile LinterHaskell

A smarter Dockerfile linter that helps you build best practice Docker images by parsing the Dockerfile AST and linting inline bash.

#haskell#container-security#shellcheck

Stars12.2k

Forks495

Last commit7 days ago

clairGo

Static vulnerability analysis for container images (OCI/Docker) via an API that indexes and matches against known security flaws.

#container-security#vulnerabilities#oci

Stars11.0k

Forks1.2k

Last commit5 days ago

ClairGo

Open-source vulnerability static analysis tool for container images (OCI/Docker) via API-based indexing and matching.

#container-security#vulnerabilities#oci

Stars11.0k

Forks1.2k

Last commit5 days ago

skopeoGo

A command-line tool for performing operations on container images and registries without requiring a daemon or root privileges.

#container-security#container-images#devops

Stars11.0k

Forks929

Last commit3 days ago

Docker bench securityShell

A script that checks for dozens of common best-practices around deploying Docker containers in production.

#container-security#audit#security

Stars9.6k

Forks1.0k

Last commit4 days ago

SyftGo

A CLI tool and Go library for generating Software Bill of Materials (SBOM) from container images and filesystems.

#sbom#container-security#cyclonedx

A CLI tool and Go library for generating Software Bill of Materials (SBOM) from container images and filesystems.

#sbom#container-security#cyclonedx

A cloud native runtime security tool for Linux that detects abnormal behavior and security threats in real-time.

#hacktoberfest#container-security#syscall-monitoring

Stars9.0k

Forks1.0k

Last commit7 days ago

App Container basicsGo

A pod-native container engine for Linux designed to be secure, composable, and standards-based.

#container-security#kubernetes-integration#docker-alternative

Stars8.8k

Forks875

Last commit6 years ago

RocketGo

A pod-native container engine for Linux designed to be secure, composable, and standards-based.

#container-security#kubernetes-integration#docker-alternative

Stars8.8k

Forks875

Last commit6 years ago

CosignGo

A tool for signing and verifying container images and other artifacts using the Sigstore framework.

#supply-chain-security#keyless-signing#container-security

Stars6.0k

Forks748

Last commit3 days ago

Kubernetes GoatHTML

An intentionally vulnerable Kubernetes cluster environment for hands-on security training and practice.

#vulnerable-lab#security-training#container-security

Stars5.7k

Forks1.0k

Last commit1 month ago

ThreatMapperTypeScript

Open source CNAPP that hunts for threats in cloud native platforms, ranks them by risk, and visualizes attack paths.

#container-security#vulnerability-management#compliance-scanning

Stars5.3k

Forks635

Last commit7 days ago

GoSuShell

A simple Go-based tool to step down from root and execute a process as another user, designed for Docker containers.

#container-security#devops#setuid

Stars5.0k

Forks359

Last commit2 days ago

Dockerfile best practicesDockerfile

A production-ready Dockerfile template with security-focused best practices for building reliable container images.

#container-security#containerization#devops

Stars4.1k

Forks154

Last commit4 years ago

NsJailC++

A lightweight Linux process isolation tool using namespaces, cgroups, rlimits, and seccomp-bpf syscall filters for enhanced security.

#container-security#linux-namespaces#resource-limits

Stars3.9k

Forks330

Last commit11 days ago

eon01

A comprehensive cheat sheet for Docker commands covering installation, container management, networking, security, and Docker Swarm.

#container-security#devops#container-orchestration

Stars3.9k

Forks485

Last commit3 months ago

container-diffGo

A CLI tool for analyzing and comparing Docker container images across multiple criteria like file system, packages, and history.

#container-security#devops#package-analysis

Stars3.8k

Forks232

Last commit2 years ago

Deepfence SecretScannerGo

A standalone tool that finds unprotected secrets like passwords and API keys in container images and file systems.

#scanning-tool#container-security#passwords

Stars3.4k

Forks347

Last commit3 months ago

Containers

A curated list of awesome Linux container frameworks, libraries, software, and resources for developers and DevOps engineers.

#container-security#devops#container-orchestration

Stars2.1k

Forks179

Last commit2 years ago

Awesome Linux Containers

A curated list of awesome Linux container frameworks, libraries, software, and resources for developers and DevOps engineers.

#container-security#containerization#devops

Stars2.1k

Forks179

Last commit2 years ago

GrafeasGo

An open-source artifact metadata API for auditing and governing software supply chains.

#container-security#api#software-supply-chain

Stars1.6k

Forks307

Last commit14 days ago

BaneGo

A custom AppArmor profile generator for Docker containers that simplifies security configuration.

#container-security#devops#docker-security

Stars1.2k

Forks91

Last commit5 years ago

baneGo

A custom AppArmor profile generator for Docker containers that simplifies container security.

#container-security#devops#docker-security

Stars1.2k

Forks91

Last commit5 years ago

WhalerGo

A Go program that reverse engineers Docker images to reconstruct the original Dockerfile.

#container-security#passwords#devops

Stars1.2k

Forks104

Last commit2 months ago

railcarRust

A Rust implementation of the Open Containers Initiative runtime specification, providing memory-safe container execution.

#container-security#docker-backend#container-orchestration

Stars1.1k

Forks101

Last commit6 years ago

amicontainedGo

A container introspection tool that detects the container runtime and enumerates available security features.

#container-security#runtime-detection#libvirt

Stars1.1k

Forks72

Last commit5 years ago

Page 1 of 2

Related Tags

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub