CycodeLabs / GitOpsSecurityChampion
Collection of security best practices to secure GitOps workflows
☆25 Updated 9 months ago
Alternatives and similar repositories for GitOpsSecurityChampion
Users that are interested in GitOpsSecurityChampion are comparing it to the libraries listed below
- Validate the isolation posture of your container environment. ☆298 Updated 3 weeks ago
- All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS. ☆361 Updated last month
- OWASP Foundation Web Repository ☆590 Updated last year
- Run Falco in GitHub Actions to detect suspicious behavior in your CI/CD ☆42 Updated 2 months ago
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets ☆816 Updated 5 months ago
- 🧰 Multi Tool Kubernetes Pentest Image ☆245 Updated last week
- Tool for building Kubernetes attack paths ☆905 Updated last month
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati… ☆170 Updated 7 months ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021. ☆537 Updated 6 months ago
- Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads. ☆443 Updated last week
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments. ☆288 Updated last year
- CI/CD Security Analyzer ☆669 Updated 6 months ago
- GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions. ☆396 Updated this week
- Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego ☆350 Updated 5 months ago
- GitHub Actions Pipeline Enumeration and Attack Tool ☆701 Updated 2 months ago
- A tool for preventing the installation of malicious npm and PyPI packages ☆159 Updated last week
- boostsecurityio/poutine ☆313 Updated this week
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently … ☆298 Updated last month
- Damn Vulnerable Kubernetes App (DVKA) is a series of apps deployed on Kubernetes that are damn vulnerable. ☆187 Updated 3 weeks ago
- Octoscan is a static vulnerability scanner for GitHub action workflows. ☆221 Updated 4 months ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners" ☆67 Updated last year
- Chaos snake for Kubernetes. Chaos engineering combined with a classic snake game. ☆179 Updated last week
- Awesome secure by default libraries to help you eliminate bug classes! ☆698 Updated 4 months ago
- 🌯 Burrito is a TACoS Kubernetes Operator - "Argo CD for Terraform" ☆531 Updated this week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro… ☆493 Updated last week
- A curated list of resources about detecting threats and defending Kubernetes systems. ☆392 Updated 2 years ago
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an… ☆869 Updated last week
- A Helm chart to deploy CTFd HA/Autoscaling + Redis + MariaDB + MinIO ☆19 Updated 4 months ago
- This repository contains the container image scanning tool ORCA ☆40 Updated this week
- Response Engine for managing threats in your Kubernetes ☆170 Updated 2 weeks ago