SecureStackCo / actions-sbom
A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements, and has the SBOM to show it!
☆25 Updated 2 years ago
Alternatives and similar repositories for actions-sbom
Users that are interested in actions-sbom are comparing it to the libraries listed below
- Tools that check for misconfigured access to Github OIDC from AWS roles and GCP service accounts ☆61 Updated 2 years ago
- Compares and analyzes GCP IAM roles. ☆77 Updated 5 months ago
- HashiCorp-relevant rules for the Semgrep code analysis tool ☆41 Updated last year
- 🖇️ STRIDE vs. ASVS equivalence table ☆76 Updated last year
- Clean accounts over permissions in GCP infra at scale ☆71 Updated 2 years ago
- A tool to check the security settings of Github Organizations. ☆72 Updated 2 years ago
- Scans every git push to your Github organisations to find unwanted secrets. ☆87 Updated 4 months ago
- ☆72 Updated last month
- Protect against subdomain takeover ☆93 Updated last month
- Script to audit GitHub Action Workflow files for potential vulnerabilities. ☆156 Updated last year
- ☆112 Updated 2 years ago
- ☆56 Updated last week
- Scans your Github Actions for security issues ☆83 Updated last week
- 💅🏽 analyzes your github actions ☆93 Updated last week
- A security tool designed to help review merged code changes to open source maintained repositories via LLM assisted review to safeguard a… ☆30 Updated 10 months ago
- Repository to archive GCP Documentation for local use ☆16 Updated 6 months ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows ☆110 Updated last week
- Unauthenticated enumeration of AWS IAM Roles. ☆25 Updated 7 months ago
- A small library to alter AWS API requests; Used for fuzzing research ☆22 Updated last year
- GCP CSPM using Google Sheets ☆36 Updated 4 months ago
- Semgrep-based Policy Controller for Kubernetes ☆47 Updated 4 months ago
- This application was built to help reduce the amount of time it takes to review AWS Lambda code. ☆60 Updated 9 months ago
- ☆49 Updated 2 years ago
- The security workflow engine! ☆119 Updated this week
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context P… ☆124 Updated 2 months ago
- ☆114 Updated 3 weeks ago
- A public cloud security knowledgebase - https://www.secwiki.cloud/ ☆51 Updated 9 months ago
- TrailAlerts is an AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events i… ☆48 Updated 3 months ago
- A framework for understanding the capabilities of automated detection methods at identifying classes of application security vulnerabilit… ☆30 Updated this week
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system. ☆176 Updated 9 months ago