ComplianceAsCode / auditree-arboretumLinks
The Auditree common fetchers, checks and harvest reports library.
☆20Updated last year
Alternatives and similar repositories for auditree-arboretum
Users that are interested in auditree-arboretum are comparing it to the libraries listed below
Sorting:
- The Auditree framework tool to run compliance control checks as unit tests.☆71Updated last year
- Open source tool for processing OSCAL based FedRAMP SSPs☆43Updated 11 months ago
- osquery input plugin☆10Updated 6 years ago
- NIST OSCAL SDK and CLI☆38Updated 5 years ago
- This tool allows using a SPIFFE JWT to authenticate to AWS APIs☆34Updated 2 months ago
- in-toto is a framework to secure the software supply chain.☆71Updated 8 months ago
- 🎟 Voucher creates attestations for Binary Authorization☆74Updated last month
- GCP PCI-DSS 3.2.1 InSpec Profile☆18Updated 4 years ago
- Demo setup for compliance-trestle☆35Updated 3 weeks ago
- Kubernetes Common Configuration Scoring System☆123Updated 3 years ago
- YAML schema, examples, and validators for OpenControl format.☆75Updated 6 years ago
- Hexa Policy Orchestrator enables you to manage all of your access policies consistently across software providers.☆103Updated 4 months ago
- cloud native software supply chain ☁️🔗☆63Updated 4 years ago
- ☆37Updated 4 years ago
- SBOM Explorer - Discover and pull public SBOMs☆20Updated 4 months ago
- Check images in your charts for vulnerabilities☆42Updated 3 months ago
- vexctl is a tool to attest VEX impact statements☆45Updated 2 years ago
- Compliance-to-Policy (C2P) provides the framework to bridge the gap between compliance and policy administration.☆31Updated 6 months ago
- Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts☆17Updated this week
- Golang library which provides functionality to evaluate GCP resources against Rego-based policies☆46Updated last month
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Updated 8 months ago
- RBAC in Kubernetes visualizer☆24Updated 6 years ago
- Github Audit Tool for Organizations☆37Updated 2 months ago
- EXPERIMENTAL: a template builder for FedRAMP System Security Plans☆39Updated 5 years ago
- The Container Security Book—a free book for practitioners☆82Updated 5 years ago
- A curated list of awesome CNAB (Cloud Native Applications Bundles) | https://cnab.io/☆16Updated 4 years ago
- An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.☆207Updated this week
- This project demonstrates a series of best practices for improving the security of containerized applications deployed to Kubernetes Engi…☆71Updated last year
- ☆11Updated 2 weeks ago
- Create a dedicated IaaS instance per Pod to mitigate container breakout (including CPU vulnerabilities depending on the instance type)☆22Updated 5 years ago