(1)
Sealed Secrets is a Kubernetes controller and tool for one-way encrypted Secrets.
4h
100K+
A Kubernetes utility to identify optimal resource requests and limits using Vertical Pod Autoscalers.
10h
100K+
A reverse proxy that provides authentication using OAuth2 and OIDC providers.
10h
100K+
OpenFGA is an open source Fine Grained Authorization solution that implements Google's Zanzibar paper, helping you manage complex authorization rules in your applications.
4h
100K+
Lacework is cloud security for AWS, Azure, GCP and other public and private cloud.
1m
1B+
23
The Kyverno Command Line Interface (CLI) is designed to validate and test policy behavior to resources prior to adding them to a cluster.
10h
100K+
Grype is a vulnerability scanner for container images and filesystems. It provides fast and accurate vulnerability detection with support for multiple package ecosystems and output formats.
4h
100K+
OPA is a policy engine that streamlines policy management across your stack for improved development, security and audit capability.
4h
100K+
OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
10h
100K+
Syft is a CLI tool and Go library for generating Software Bill of Materials (SBOM) from container images and filesystems with support for multiple output formats and package ecosystems.
10h
100K+
TruffleHog is a secrets scanning tool that finds credentials, API keys, and sensitive data in git repositories, filesystems, S3 buckets, and more. Written in Go.
10h
100K+
Docker Distribution registry for storing and distributing container images within Harbor
10h
100K+
SonarQube is a self-managed, automatic code review tool that systematically helps you deliver clean code.
10h
100K+
Kyverno Readiness Checker is a component that checks the readiness of a Kyverno installation
10h
100K+
Notation is a CLI tool for signing and verifying OCI artifacts with trust policies and plugin-based key management.
4h
100K+
Vault is a tool for securely accessing secrets.
4h
100K+
Please refer to the docker/ucp image for more information
6y
500M+
4
Tailscale lets you securely connect devices and containers without exposing them to the public internet.
10h
100K+
A reverse proxy that provides authentication using OAuth2 and OIDC providers.
4h
100K+
Kyverno is a Kubernetes Native Policy Management engine.
10h
100K+
Sidecar for managing OPA instances in Kubernetes.
10h
100K+
The official image for monitoring systems, containers and applications with Netdata.
21h
500M+
570
Polaris is an open source policy engine for Kubernetes that validates and remediates resource configuration. It includes 30+ built in configuration policies, as well as the ability to build custom policies with JSON Schema. When run on the command line or as a mutating webhook, Polaris can automatically remediate issues based on policy criteria.
10h
50K+
Kubernetes-native security toolkit that leverages Trivy to continuously scan your Kubernetes cluster for security issues.
10h
50K+
This chart installs resources shared by all Istio revisions. This includes Istio CRDs.
4h
50K+
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, API keys, and tokens in git repos. Written in Go.
10h
50K+