https://github.com/edera-dev/am-i-isolated
Container security benchmarking tool
https://github.com/edera-dev/am-i-isolated
Last synced: 6 months ago
JSON representation
Container security benchmarking tool
- Host: GitHub
- URL: https://github.com/edera-dev/am-i-isolated
- Owner: edera-dev
- License: apache-2.0
- Created: 2024-10-18T21:19:04.000Z (7 months ago)
- Default Branch: main
- Last Pushed: 2024-10-23T17:44:24.000Z (7 months ago)
- Last Synced: 2024-10-24T01:45:19.064Z (7 months ago)
- Language: Rust
- Size: 28.3 KB
- Stars: 2
- Watchers: 3
- Forks: 1
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-repositories - edera-dev/am-i-isolated - Validate the isolation posture of your container environment. (Rust)
README
# *Am I Isolated*
*Am I Isolated* is a security posture benchmarking tool.
It evaluates a given runtime environment and attempts to look for things
which may be a security problem, as well as providing suggestions for
solving the security problem.
Security is a rapidly evolving space: it is intended that *Am I Isolated* is
updated over time to incorporate new and relevant security research
relating to jailing containers.
*Am I Isolated* is also still a work in progress and does not yet incorporate
tests for all possible container security problems. Current work is
focused on providing enough data in a digestable format, rather than
overwhelming security engineers and CISOs with too much data.
## Using *Am I Isolated*
In general you will want to use the OCI image:
```sh
docker run --rm -it ghcr.io/edera-dev/am-i-isolated:nightly
```
To detect isolation gaps in your Kubernetes environments, you can run it as a Pod
```sh
apiVersion: v1
kind: Pod
metadata:
name: am-i-isolated
spec:
containers:
- name: am-i-isolated
image: "ghcr.io/edera-dev/am-i-isolated:nightly"
```
And fetch the logs for the results
```sh
kubectl logs am-i-isolated
```
You can also build and run directly with Cargo.