2 Repos
Systems for managing which software is permitted to run on a host based on security policies.
Distinct from Application Access Controls: Candidates were either network-level access controls or non-security lifecycle controllers.
Explore 2 awesome GitHub repositories matching security & cryptography · Application Execution Controls. Refine with filters or upvote what's useful.
Harden-Windows-Security is a security hardening tool and framework designed to reduce the attack surface of the Windows operating system through policy enforcement. It provides a collection of security presets and templates to implement official hardening standards across multiple devices. The project distinguishes itself through a comprehensive execution control system, featuring a manager for Windows Application Control and a kernel protection suite. It implements strict trust models, including kernel-mode driver whitelisting, signed policy implementation on the EFI partition, and code inte
Manages application control settings to prevent the execution of unauthorized or malicious software.
Inspektor Gadget is an eBPF observability toolset and program framework designed for tracing Linux systems and debugging Kubernetes nodes. It provides a suite of tools to collect kernel-level telemetry and export system metrics via the OpenTelemetry standard. The project distinguishes itself by packaging inspection tools as OCI-compliant container images, allowing for standardized distribution and deployment across clusters and hosts. It employs a modular data processing pipeline that utilizes WebAssembly modules to transform and filter telemetry, and leverages Compile Once Run Everywhere for
Manages which specific inspection programs are permitted to run on the host to maintain system stability.