Show HN: Kloak, A secret manager that keeps K8s workload away from secrets
Category: security
Tags: kubernetes, secret-management, ebpf, security, tls-intercept
Score: 8.0/10 (Innovation: 8, Technical: 9, Documentation: 8, Utility: 7)
Kloak is an agentless Kubernetes secret manager that uses eBPF uprobes to intercept TLS traffic at the kernel level, injecting real secrets only at encryption time so applications never handle sensitive credentials. Its innovative combination of eBPF, DNS-verified trust chains, and transparent secret injection without sidecars or code changes makes it a compelling solution for high-security Kubernetes environments.
Target audience: devops, platform engineers, security engineers
Repository: https://getkloak.io/ · C · AGPL-3.0 · 88 stars
View on Hacker News