Checkmarx / chainalert-github-action
scans popular packages and alerts in cases there is suspicion of an account takeover
☆41Updated 3 years ago
Alternatives and similar repositories for chainalert-github-action:
Users that are interested in chainalert-github-action are comparing it to the libraries listed below
- Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks☆58Updated 2 years ago
- Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git☆89Updated last week
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.☆37Updated 3 years ago
- A tool to check the security settings of Github Organizations.☆71Updated last year
- Mitigate security concerns of Dependency Confusion supply chain security risks☆46Updated 2 years ago
- Runtime Security Solution for your CI/CD Pipeline☆99Updated last week
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain☆91Updated last month
- A tool for preventing the installation of malicious PyPI and npm packages☆130Updated this week
- Generate a score for your sbom to understand if it will actually be useful.☆227Updated 7 months ago
- Scalable integrity framework for ABAC on AWS☆39Updated 2 weeks ago
- This open-source project tracks RED-LILI's activity over time as there are evidence the actor is still active. All information provided h…☆11Updated last year
- Dependency Combobulator☆93Updated last year
- ⚡️Snyk API powered import tool to help you automate & monitor a large scale import into Snyk organizations. Designed for onboarding with …☆39Updated last month
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆153Updated 7 months ago
- Sharing software supply chain security open source projects☆46Updated 2 years ago
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆111Updated last month
- Checkmarx CxFlow GitHub Action with SARIF output☆53Updated 2 months ago
- AI featured threat modeling and security review action☆43Updated 4 months ago
- This project is deprecated. Use https://github.com/returntocorp/semgrep instead☆73Updated 11 months ago
- Static analysis for CloudFormation templates to identify common misconfiguration☆57Updated 3 years ago
- ☆98Updated 3 weeks ago
- Collection of security best practices for package managers.☆162Updated 2 years ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆39Updated 3 months ago
- Exports vulnerability scan data from the Checkmarx SAST platform for use in analytical tools.☆19Updated 4 months ago
- The source files and tools needed to build the OWASP Cornucopia decks in various languages☆61Updated this week
- [GitHub] A Command Line ToolKit for GitHub Security Alert.☆27Updated 4 months ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆297Updated this week
- Scans every git push to your Github organisations to find unwanted secrets.☆87Updated last year
- Checkmarx Scan and Result Orchestration☆94Updated this week
- Feed parsing for language package manager updates☆77Updated 3 months ago