Checkmarx / chainalert-github-action
Scans popular packages and alerts in cases where there is suspicion of an account takeover
☆42 Updated 3 years ago
Alternatives and similar repositories for chainalert-github-action
Users that are interested in chainalert-github-action are comparing it to the libraries listed below
- creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects ☆133 Updated 2 weeks ago
- A tool to check the security settings of Github Organizations. ☆72 Updated 2 years ago
- Mitigate security concerns of Dependency Confusion supply chain security risks ☆49 Updated 2 months ago
- Tool to export test reports from the Snyk CLI to HTML. ☆101 Updated last week
- Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git ☆118 Updated this week
- Runtime Security Solution for your CI/CD Pipeline ☆108 Updated 2 months ago
- Generate a score for your sbom to understand if it will actually be useful. ☆232 Updated last year
- boostsecurityio/poutine ☆313 Updated this week
- GitHub action to generate a CycloneDX SBOM for Node.js ☆22 Updated last month
- Scans your Github Actions for security issues ☆83 Updated last week
- This project is deprecated. Use https://github.com/returntocorp/semgrep instead ☆73 Updated last year
- A Python client for the Snyk API. ☆100 Updated last year
- GitGuardian Canary Tokens ☆137 Updated 2 months ago
- Feed parsing for language package manager updates ☆78 Updated 8 months ago
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack. ☆39 Updated 3 years ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ☆40 Updated 8 months ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities. ☆156 Updated last year
- A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, sta… ☆25 Updated 2 years ago
- A broker system between a public service and a private service ☆111 Updated last week
- Static analysis for CloudFormation templates to identify common misconfiguration ☆57 Updated 3 years ago
- Find security vulnerabilities in open source npm packages while you code ☆209 Updated 3 years ago
- A tool for preventing the installation of malicious npm and PyPI packages ☆158 Updated this week
- [GitHub] A Command Line ToolKit for GitHub Security Alert. ☆27 Updated last month
- OpenSSF Security Tooling Working Group ☆313 Updated last month
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆329 Updated this week
- A flexible framework for security teams to build and deploy AI-powered workflows that complement their existing security operations. ☆111 Updated this week
- Security advisories for Node.js and the JavaScript ecosystem. ☆41 Updated 4 years ago
- 🌍 Normalized repository URLs for every package in the npm registry. Updated daily. ☆89 Updated this week
- ☆83 Updated 7 months ago
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain ☆95 Updated 6 months ago