Checkmarx / chainalert-github-actionLinks
scans popular packages and alerts in cases there is suspicion of an account takeover
☆42Updated 3 years ago
Alternatives and similar repositories for chainalert-github-action
Users that are interested in chainalert-github-action are comparing it to the libraries listed below
Sorting:
- Mitigate security concerns of Dependency Confusion supply chain security risks☆48Updated last month
- Generate a score for your sbom to understand if it will actually be useful.☆231Updated 11 months ago
- boostsecurityio/poutine☆308Updated last week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆324Updated this week
- A tool to check the security settings of Github Organizations.☆72Updated 2 years ago
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆815Updated 4 months ago
- GitHub action to generate a CycloneDX SBOM for Node.js☆22Updated last month
- This project is deprecated. Use https://github.com/returntocorp/semgrep instead☆73Updated last year
- ☆81Updated 6 months ago
- Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git☆96Updated this week
- A tool for preventing the installation of malicious npm and PyPI packages☆155Updated this week
- A flexible framework for security teams to build and deploy AI-powered workflows that complement their existing security operations.☆104Updated this week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆576Updated 4 months ago
- How GitHub Actions workflows can be hacked☆163Updated 11 months ago
- Runtime Security Solution for your CI/CD Pipeline☆108Updated 2 months ago
- JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.☆253Updated last week
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.☆39Updated 3 years ago
- A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…☆365Updated 7 months ago
- A compilation of resources in the software supply chain security domain, with emphasis on open source☆327Updated 2 years ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆155Updated 11 months ago
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆123Updated 5 months ago
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment☆478Updated last month
- Collection of tools for analyzing open source packages.☆350Updated last week
- ⚡️Snyk API powered import tool to help you automate & monitor a large scale import into Snyk organizations. Designed for onboarding with …☆41Updated 2 months ago
- Tool to export test reports from the Snyk CLI to HTML.☆98Updated this week
- Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks☆59Updated 3 years ago
- The security workflow engine!☆119Updated this week
- OpenSSF Security Tooling Working Group☆313Updated last month
- Scans your Github Actions for security issues☆78Updated this week
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆40Updated 8 months ago