lockc
lockc is open source sofware for providing MAC (Mandatory Access Control) type of security audit for container workloads.
The main technology behind lockc is eBPF - to be more precise, its ability to attach to LSM hooks
License for eBPF programs: GPLv2
License for userspace part: Apache-2.0
Please note that currently lockc is an experimental project, not meant for production environment and without any official binaries or packages to use - currently the only way to use it is building from sources.