Heimdall is an open source eBPF-powered security framework that dynamically enforces container-specific policies, providing fine-grained control over system calls, file system access, and privilege escalation attempts in Docker containers.
- Syscall Filtering: Block specific syscalls to prevent malicious actions.
- Filesystem Access Control: Restrict access to sensitive directories and files.
- Privilege Escalation Prevention: Block attempts to escalate privileges within containers.
- Per-Container Policies: Define and enforce unique security policies for each container.
- Real-Time Policy Updates: Dynamically update policies without restarting containers.
To build the project run:
make allThis is will give an executable file called heimdall
sudo ./heimdall --help