Checkmarx / chainalert-github-action
Scans popular packages and alerts in cases where there is suspicion of an account takeover
☆41 · Updated 3 years ago
Alternatives and similar repositories for chainalert-github-action
Users that are interested in chainalert-github-action are comparing it to the libraries listed below
- Mitigate security concerns of Dependency Confusion supply chain security risks · ☆49 · Updated 2 months ago
- This project is deprecated. Use https://github.com/returntocorp/semgrep instead · ☆74 · Updated last year
- Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git · ☆128 · Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… · ☆345 · Updated this week
- Generate a score for your sbom to understand if it will actually be useful. · ☆233 · Updated last year
- A tool to check the security settings of GitHub Organizations. · ☆72 · Updated 2 years ago
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration. · ☆62 · Updated 3 months ago
- Find security vulnerabilities in open source npm packages while you code · ☆210 · Updated 3 years ago
- boostsecurityio/poutine · ☆324 · Updated 3 weeks ago
- Scans your GitHub Actions for security issues · ☆86 · Updated 2 weeks ago
- Runtime Security Solution for your CI/CD Pipeline · ☆109 · Updated 3 months ago
- 🌍 Normalized repository URLs for every package in the npm registry. Updated daily. · ☆89 · Updated this week
- GitHub action to generate a CycloneDX SBOM for Node.js · ☆22 · Updated 2 months ago
- Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks · ☆59 · Updated 3 years ago
- Feed parsing for language package manager updates · ☆78 · Updated 9 months ago
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h… · ☆198 · Updated 3 weeks ago
- This open-source project tracks RED-LILI's activity over time as there is evidence the actor is still active. All information provided h… · ☆11 · Updated 2 years ago
- A compilation of resources in the software supply chain security domain, with emphasis on open source · ☆331 · Updated 2 years ago
- Protect your secrets using Gitleaks-Action · ☆449 · Updated 2 months ago
- OpenSSF Security Tooling Working Group · ☆316 · Updated 2 months ago
- A broker system between a public service and a private service · ☆111 · Updated 2 weeks ago
- Collection of security best practices for package managers. · ☆164 · Updated 3 years ago
- ⚡️Snyk API powered import tool to help you automate & monitor a large scale import into Snyk organizations. Designed for onboarding with … · ☆42 · Updated last month
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets · ☆814 · Updated 5 months ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… · ☆151 · Updated last year
- Script to audit GitHub Action Workflow files for potential vulnerabilities. · ☆156 · Updated last year
- A reading list for software supply-chain security. · ☆364 · Updated 2 years ago
- ☆86 · Updated 8 months ago
- A documentation and tracking project with the goal of making package management systems more secure. · ☆51 · Updated 4 years ago
- Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the … · ☆189 · Updated last year