Real Sandbox Containers Logo

Real Sandbox Containers

0
Free
Visit Website

Ramblings from Jessie: Getting Towards Real Sandbox Containers Sunday, May 1, 2016 · 5 min read - Containers are all the rage right now, utilizing Linux primitives like user namespaces and seccomp to create application sandboxes. - Chrome sandbox is a familiar example, using user namespaces and seccomp, similar to container features. - Key difference: Chrome runs as unprivileged user, while most containers run as root, requiring root privileges for creation and execution.

FEATURES

ALTERNATIVES

Gatekeeper is a policy management tool for Kubernetes that provides an extensible, parameterized policy library and native Kubernetes CRDs for instantiating and extending the policy library.

Open-source policy-as-code software for multi-cloud and SaaS environments with GPT model conversations and custom analysis policies.

Conmachi is a Golang tool for scanning container environments for security issues.

A dynamic infrastructure framework for efficient multi-cloud security operations and distributed scanning.

A cloud native security platform that uses behavioral fingerprinting and runtime verification to detect threats across Kubernetes environments, cloud infrastructure, and software supply chains.

Commercial

A security tool to identify interesting files in AWS S3 buckets

Golang client for querying SecurityTrails API data

A tool for identifying security issues in CloudFormation templates.