Alternatives and similar repositories for auditree-arboretum

Users that are interested in auditree-arboretum are comparing it to the libraries listed below

• ComplianceAsCode / auditree-framework
  The Auditree framework tool to run compliance control checks as unit tests.
  ☆71Updated last year
• GoComply / fedramp
  Open source tool for processing OSCAL based FedRAMP SSPs
  ☆43Updated 11 months ago
• niyonmaruz / fluent-plugin-osquery
  osquery input plugin
  ☆10Updated 6 years ago
• docker-archive / oscalkit
  NIST OSCAL SDK and CLI
  ☆38Updated 5 years ago
• square / spiffe-aws-assume-role
  This tool allows using a SPIFFE JWT to authenticate to AWS APIs
  ☆34Updated 2 months ago
• in-toto / community
  in-toto is a framework to secure the software supply chain.
  ☆71Updated 8 months ago
• grafeas / voucher
  🎟 Voucher creates attestations for Binary Authorization
  ☆74Updated last month
• GoogleCloudPlatform / inspec-gcp-pci-profile
  GCP PCI-DSS 3.2.1 InSpec Profile
  ☆18Updated 4 years ago
• oscal-compass / compliance-trestle-demos
  Demo setup for compliance-trestle
  ☆35Updated 3 weeks ago
• octarinesec / kccss
  Kubernetes Common Configuration Scoring System
  ☆123Updated 3 years ago
• opencontrol / schemas
  YAML schema, examples, and validators for OpenControl format.
  ☆75Updated 6 years ago
• hexa-org / policy-orchestrator
  Hexa Policy Orchestrator enables you to manage all of your access policies consistently across software providers.
  ☆103Updated 4 months ago
• rode / rode-legacy
  cloud native software supply chain ☁️🔗
  ☆63Updated 4 years ago
• falcosecurity-retire / kubernetes-response-engine
  ☆37Updated 4 years ago
• interlynk-io / sbomex
  SBOM Explorer - Discover and pull public SBOMs
  ☆20Updated 4 months ago
• snyk-labs / helm-snyk
  Check images in your charts for vulnerabilities
  ☆42Updated 3 months ago
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆45Updated 2 years ago
• oscal-compass / compliance-to-policy
  Compliance-to-Policy (C2P) provides the framework to bridge the gap between compliance and policy administration.
  ☆31Updated 6 months ago
• in-toto / attestation-verifier
  Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts
  ☆17Updated this week
• GoogleCloudPlatform / config-validator
  Golang library which provides functionality to evaluate GCP resources against Rego-based policies
  ☆46Updated last month
• omnibor / site
  Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
  ☆21Updated 8 months ago
• mhausenblas / rback
  RBAC in Kubernetes visualizer
  ☆24Updated 6 years ago
• hashicorp / gaudit
  Github Audit Tool for Organizations
  ☆37Updated 2 months ago
• opencontrol / fedramp-templater
  EXPERIMENTAL: a template builder for FedRAMP System Security Plans
  ☆39Updated 5 years ago
• mhausenblas / the-container-security-book
  The Container Security Book—a free book for practitioners
  ☆82Updated 5 years ago
• MChorfa / awesome-cnab
  A curated list of awesome CNAB (Cloud Native Applications Bundles) | https://cnab.io/
  ☆16Updated 4 years ago
• oscal-compass / compliance-trestle
  An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
  ☆207Updated this week
• GoogleCloudPlatform / gke-application-security-demo
  This project demonstrates a series of best practices for improving the security of containerized applications deployed to Kubernetes Engi…
  ☆71Updated last year
• testifysec / witness-run-action
  ☆11Updated 2 weeks ago
• AkihiroSuda / instance-per-pod
  Create a dedicated IaaS instance per Pod to mitigate container breakout (including CPU vulnerabilities depending on the instance type)
  ☆22Updated 5 years ago