This is the Operator for Open Policy Agent’s (OPA) Gatekeeper, which helps package, deploy, and manage Kubernetes native applications by building automation into a controller that helps perform initial operations such as installation, but also administrative...
A non-profit, public good software signing & transparency service The sigstore project’s goal is to provide a public a non-profit, public good service to improve the open source software supply chain by easing the adoption of cryptographic software signing, backed...
Project Thoth is developed in the AI Center of Excellence at Red Hat and it aims at providing recommendations on Python software stacks, runtime environments, and deployment configurations to developers and DevOps engineers through different types of integrations...
Keylime is a highly scalable remote boot attestation and runtime integrity measurement solution. It enables users to monitor remote nodes using a hardware-based cryptographic root of trust. Keylime provides a way to build trust in a remote machine, using cryptographic...
Chains is a security subsystem of the Kubernetes Tekton CI/CD pipeline. Chains will enable Tekton continuous delivery to securely capture metadata about PipelineRun and TaskRun execution for post-run auditing. This can then be used for binary provenance and verifiable...