Attending the #kunai workshop at @BSidesLuxembourg held by @qjerome from circle.lu.
kunai is a #Linux security monitoring tool that logs very fine-grained events from the kernel using #eBPF.
Interesting alternative to #auditd, #falco, #tetragon, #tracee, #auditbeats, or #SysmonForLinux.
I'd love to see a write-up with a comparison of all of them.

https://kunai.rocks/

Bring your Linux Threat-Hunting capabilities to the next level | Kunai


☝️🛎️I'm glad to announce that the #tracee project by @aquasecteam is signed by #cosign by @sigstore to guarantee that it has not been tampered with by having strong integrity ⛓️🆔
https://github.com/aquasecurity/tracee/pull/2607
sign container images with cosign by developer-guy · Pull Request #2607 · aquasecurity/tracee

Signed-off-by: Batuhan Apaydın [email protected] This PR aims to sign tracee container images with cosign using the keyless approach, which avoids the hassle of securely keeping our priv...

#Tracee Newly Released Rules Detect Attackers Out-of-the-Box https://blog.aquasec.com/tracee-rules-detect-attackers-out-of-the-box

Tracee now detects suspicious behavior at runtime with an extensive data collection and rules engine with a revised signature library for an array of scenarios