🔐 Docker Container for Penetration Testing & Security
Auditing & Hardening script for Kubernetes
CentOS based Docker Security Architecture
Canonical template for Red Hat UBI 9 application image repositories that build minimal ubi-micro OCI images from pinned inputs (UBI base @sha256 + NVR-pinned dnf packages), with SBOM/provenance, Sigstore signing evidence, OpenSCAP RHEL9 STIG scoring, and runtime hardening checks.
Local-first AI agent framework with 5-layer container hardening. Runs Ollama models offline behind iptables, DNS sinkhole, seccomp, and read-only rootfs. No cloud, no telemetry, no API keys.
Red Hat UBI 9 (ubi-micro) HashiCorp Vault image built from verified upstream Vault releases with SBOM, provenance, OpenSCAP RHEL9 STIG scoring, and Sigstore signing evidence.
Docker Image Hardening Lab focused on container security best practices using vulnerable vs hardened Dockerfiles, multi-stage builds, Alpine optimization, Trivy vulnerability scanning, Docker Bench for Security, non-root containers, and image size reduction.
Red Hat UBI 9 (ubi-micro) OCI image of the AWS IAM Roles Anywhere signing helper; the serve-mode sidecar that vends short-lived STS credentials for HashiCorp Vault KMS auto-unseal on self-hosted clusters. Built from source with the FIPS 140-3 Go Cryptographic Module (GOFIPS140, Go CMVP).
Add a description, image, and links to the container-hardening topic page so that developers can more easily learn about it.
To associate your repository with the container-hardening topic, visit your repo's landing page and select "manage topics."