awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

2 repositorios

Awesome GitHub RepositoriesContainer Surface Reduction

The process of minimizing the attack surface of a container by removing unnecessary binaries and tools.

Distinct from Attack Surface Analysis: Distinct from general Attack Surface Analysis as it focuses on the concrete removal of components from the image.

Explore 2 awesome GitHub repositories matching security & cryptography · Container Surface Reduction. Refine with filters or upvote what's useful.

Awesome Container Surface Reduction GitHub Repositories

Encuentra los mejores repositorios con IA.Buscaremos los repositorios que mejor coincidan usando IA.
  • googlecloudplatform/distrolessAvatar de GoogleCloudPlatform

    GoogleCloudPlatform/distroless

    22,774Ver en GitHub↗

    Distroless provides a set of OCI-compliant minimal base images and hardening tools designed to create secure, language-specific execution environments. These images are stripped of non-essential system binaries, shells, and package managers to reduce the container attack surface. The project utilizes upstream-tracked automated patching to monitor operating system releases and generate updated images when security vulnerabilities are addressed. It ensures supply chain integrity through image provenance verification using ephemeral-key digital signatures. The system supports the generation of

    Limits security exploit vectors by removing shells, package managers, and unnecessary binaries from images.

    Starlark
    Ver en GitHub↗22,774
  • unikraft/unikraftAvatar de unikraft

    unikraft/unikraft

    3,733Ver en GitHub↗

    Unikraft is a modular library operating system and unikernel framework designed to compile applications into minimal, bootable virtual machine images. It serves as an OCI-compliant image builder and a cloud-native hypervisor target, enabling the creation of specialized runtimes that include only the specific drivers and libraries required by a single application. The system features a Linux compatibility layer that maps standard API calls and POSIX standards to unikernel libraries, allowing unmodified binaries to run without a full general-purpose kernel. It distinguishes itself by allowing c

    Minimizes the attack surface by removing unnecessary shells and services from the runtime environment.

    Capplicationcloudcloud-native
    Ver en GitHub↗3,733
  1. Home
  2. Security & Cryptography
  3. Attack Surface Analysis
  4. Container Surface Reduction