#Seccomp
Showing 18 of 18 repositories tagged #seccomp, ranked by stars
Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.
Provide powerful tools for seccomp analysis
A stupid game for learning about containers, capabilities, and syscalls.
The Kubernetes Security Profiles Operator
Lightweight, container-free sandbox for running commands with network and filesystem restrictions
vArmor is a cloud-native container hardening system that leverages AppArmor/BPF/Seccomp and NetworkProxy technologies to enforce access control from system calls to application protocols โ protecting workloads including AI Agents.
Tool and framework for securely reading untrusted USB mass storage devices.
A set of curated exercises to help you prepare for the CKS exam
The lightest AI sandbox. A process-based sandbox for Linux, no container, no VM, no privilege, no prompt injection
Container-free, deny-by-default sandbox for AI coding agents. Kernel-enforced filesystem, network, and syscall isolation for Linux and macOS
๐ Function-level tracing tool for Seccomp profiling, with eBPF
Go library for installing a seccomp BPF system call filter.
Build custom Docker seccomp profiles for containers by finding syscalls it uses.
Run AI coding agents in hardened container sandboxes.
A tool to resolve seccomp just like seccomp-tools, written in C
Process isolation for Linux using namespaces, resource limits, cgroups, landlock and seccomp.
xinetd-kafel is a more secure replacement for xinetd with secure computing (seccomp, only work on linux)