-
An extension for [Rancher Manager](https://github.com/rancher/rancher) (^v2.7.0) which allows you to interact with KubeArmor.
**Initial Scope**
- [ ] Installation
- [ ] Manager to See and apply P…
-
### Issue Description
Having `github.com/containers/podman/v5/pkg/bindings/containers` as one of the imports in a Go executable will make it fail if used as an OCI hook when running Podman rootless. …
-
Kubearmor connects to the container-runtime to get the mount-namespace and other details (for eg, container image details etc).
These details are used subsequently in the telemetry/log enrichment. Fo…
-
## Feature Request
**Short Description**
Currently, KubeArmor policies selects resource on the basis of `matchLabels`. On a large scale deployment selecting resources with `matchLabels` won't he…
-
### Description
We currently test container runtime security with KubeArmor running in Kubernetes. However, KubeArmor also has the capability to secure Kubernetes nodes. As well as run in non-kuberne…
-
I am trying to understand the differences between Falco and tetragon. Let’s say, falco is meant for this and it cannot do this like tetragon. Can I get some help? Kindly try to provide elaborate answe…
-
## Feature Request
### Description
**Kubernetes dashboard**
The Kubernetes dashboard provides a mechanism for creating custom plugins - [ref](https://github.com/kubernetes/dashboard/blob/master/d…
-
Generate zero-trust policies generated by the discovery engine based on application behaviour
The attacks that can be mitigated are:
- Exploit public-facing applications
- Registration of malicious…
-
## Feature Request
**Short Description**
Kubearmor is running as cluster admin, we should inventory the needed permissions and create a kubearmor role ( leeast privilege principle)
**Is your …
-
# Generating Kyverno policies dynamically using KubeArmor
The aim of the project is to integerate Kyverno and KubeArmor by generating Kyverno policies thorugh the runtime data that KubeArmor can pr…