toe

toe

Model checking the BPF verifier

a project by shunghsiyu

Project Description

BPF verifier plays a crucial role in securing the system (though less so now that unprivileged BPF is disabled by default in both upstream and SLES), and bugs in the verifier has lead to privilege escalation vulnerabilities in the past (e.g. CVE-2021-3490).

Updated 5 months ago. 5 hacker ♥️. 3 followers.

Predefined app security policy template for NeuVector

an idea by feih

Project Description

Idea is to predefine a set of security policies for popular container applications just for example MySQL, Nginx etc..., with these predefined security policies, users can just download unpack it to use. No need to worry too much about detailed security settings/configurations for this application container. The policies could be any policies that Kubernetes supported and/or NeuVector supported.

Updated 5 months ago. 2 hacker ♥️. 3 followers. Has no hacker: grab it!

Port NeuVector zero-trust security functions to host/VM

an idea by feih

Project Description

Today, NeuVector only support container environment. It does a lot of security functions and many of those are actually not limited to only protect containers technically. Sometimes, we are seeing requests/asks about providing similar functions to protect servers & VMs. So, it is technically possible. Some of the zero-trust security protections are still pretty unique if we port it over to host/VM side. Welcome if you are interested to help and give it a try!

Updated 5 months ago. 5 hacker ♥️. 3 followers. Has no hacker: grab it!
0
2
0
16

Looking for projects around:

security

Activity

  • 5 months ago: toe liked The 5 days of Hackweek
  • 5 months ago: toe liked Kanidm - Account Policy
  • 5 months ago: toe liked Rust based mini webserver with all the modern bells and whistles
  • about 1 year ago: toe liked High Available NFS Cluster Concept
  • about 1 year ago: toe liked Salt formula for Certhub
  • almost 2 years ago: toe joined openSUSE build supported by SUSE IT
  • almost 2 years ago: toe liked FIDO2 emulation
  • almost 2 years ago: toe liked Kanidm - Modern Opensource Identity Management
  • almost 2 years ago: toe liked openSUSE build supported by SUSE IT
  • about 3 years ago: toe liked Loganalyzer/LIDS with OSSEC
  • about 3 years ago: toe liked Rust Bootcamp
  • about 3 years ago: toe liked Send to Hell
  • about 3 years ago: toe liked Create ansible roles for generic server stuff
  • about 3 years ago: toe liked Kanidm - A modern opensource IDM
  • about 3 years ago: toe liked Zero Trust vSphere Provisioning from Rancher
  • about 3 years ago: toe liked Performance profile and possibly improve Jitsi web client
  • about 3 years ago: toe started Diving into Qubes OS
  • about 3 years ago: toe liked Diving into Qubes OS