Checkmarx / kics

Related projects ⓘ

Alternatives and complementary repositories for kics

• openclarity / openclarity
  OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure
  ☆1,350Updated this week
• aquasecurity / tfsec
  Tfsec is now part of Trivy
  ☆6,718Updated last month
• controlplaneio / kubesec
  Security risk analysis for Kubernetes resources
  ☆1,240Updated this week
• ShiftLeftSecurity / sast-scan
  Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…
  ☆808Updated last year
• tenable / terrascan
  Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
  ☆4,767Updated last week
• vchinnipilli / kubestriker
  A Blazing fast Security Auditing tool for Kubernetes
  ☆991Updated 7 months ago
• fugue / regula
  Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes se…
  ☆962Updated 2 months ago
• aquasecurity / starboard
  Moved to https://github.com/aquasecurity/trivy-operator
  ☆1,354Updated 2 weeks ago
• devsecopsmaturitymodel / DevSecOps-MaturityModel
  ☆494Updated this week
• cyberark / KubiScan
  A tool to scan Kubernetes cluster for risky permissions
  ☆1,323Updated last week
• aquasecurity / kube-hunter
  Hunt for security weaknesses in Kubernetes clusters
  ☆4,764Updated 8 months ago
• aquasecurity / trivy-operator
  Kubernetes-native security toolkit
  ☆1,281Updated this week
• anchore / anchore-engine
  A service that analyzes docker images and scans for vulnerabilities
  ☆1,587Updated last year
• controlplaneio / simulator
  Kubernetes Security Training Platform - focusing on security mitigation
  ☆932Updated 2 months ago
• aquasecurity / chain-bench
  An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…
  ☆728Updated 4 months ago
• aquasecurity / trivy-action
  Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities
  ☆832Updated this week
• nccgroup / PMapper
  A tool for quickly evaluating IAM permissions in AWS.
  ☆1,433Updated 3 months ago
• ksoclabs / awesome-kubernetes-security
  A curated list of awesome Kubernetes security resources
  ☆905Updated 11 months ago
• open-policy-agent / conftest
  Write tests against structured configuration data using the Open Policy Agent Rego query language
  ☆2,877Updated last week
• OWASP / DevSecOpsGuideline
  The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
  ☆848Updated 4 months ago
• inguardians / peirates
  Peirates - Kubernetes Penetration Testing tool
  ☆1,243Updated last month
• zegl / kube-score
  Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in …
  ☆2,789Updated last week
• Legit-Labs / legitify
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆775Updated last week
• nccgroup / ScoutSuite
  Multi-Cloud Security Auditing Tool
  ☆6,740Updated last month
• aws-samples / hardeneks
  Runs checks to see if an EKS cluster follows EKS Best Practices.
  ☆862Updated this week
• sigstore / cosign
  Code signing and transparency for containers and binaries
  ☆4,516Updated this week