Projects in the topic security


Model checking the BPF verifier

a project by shunghsiyu

Project Description

BPF verifier plays a crucial role in securing the system (though less so now that unprivileged BPF is disabled by default in both upstream and SLES), and bugs in the verifier has lead to privilege escalation vulnerabilities in the past (e.g. CVE-2021-3490).

Updated 8 months ago. 5 hacker ♥️. 3 followers.

Predefined app security policy template for NeuVector

an idea by feih

Project Description

Idea is to predefine a set of security policies for popular container applications just for example MySQL, Nginx etc..., with these predefined security policies, users can just download unpack it to use. No need to worry too much about detailed security settings/configurations for this application container. The policies could be any policies that Kubernetes supported and/or NeuVector supported.

Updated 8 months ago. 2 hacker ♥️. 3 followers. Has no hacker: grab it!

Port NeuVector zero-trust security functions to host/VM

an idea by feih

Project Description

Today, NeuVector only support container environment. It does a lot of security functions and many of those are actually not limited to only protect containers technically. Sometimes, we are seeing requests/asks about providing similar functions to protect servers & VMs. So, it is technically possible. Some of the zero-trust security protections are still pretty unique if we port it over to host/VM side. Welcome if you are interested to help and give it a try!

Updated 8 months ago. 5 hacker ♥️. 3 followers. Has no hacker: grab it!