ShiftLeftSecurity / scan-actionLinks
☆53Updated 3 years ago
Alternatives and similar repositories for scan-action
Users that are interested in scan-action are comparing it to the libraries listed below
Sorting:
- Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec☆113Updated 11 months ago
- Pre-commit git hooks for Open Policy Agent (OPA) and Rego development☆67Updated 3 months ago
- Sysdig Terraform provider. Allow to handle Sysdig Secure policies as code.☆54Updated 2 weeks ago
- Github Action implementation of SLSA Provenance Generation☆50Updated last week
- Git action to generate security lint report for Kubernetes workload YAML files on PR☆28Updated 3 years ago
- Security configuration checks for popular cloud native applications and infrastructure.☆119Updated 3 years ago
- Securing Alice's, Bob's and Carl's software supply chain using in-toto☆97Updated this week
- Add comments to pull requests where tfsec checks have failed☆169Updated 2 years ago
- A GitHub action to help you scan your docker image for vulnerabilities☆222Updated 2 years ago
- CLI for searching Rego policies☆106Updated 3 years ago
- GitHub Action for creating software bill of materials using Syft.☆202Updated 3 weeks ago
- ☆56Updated 2 years ago
- A Github Action to automatically update digests for container images.☆74Updated last month
- Vanilla GitHub action to run tfsec☆59Updated 2 years ago
- A GitHub Action for using Conftest☆33Updated 3 years ago
- GitHub actions of KICS scan - Keeping Infrastructure as Code Secure☆52Updated last week
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆59Updated last year
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…☆33Updated 2 years ago
- Check images in your charts for vulnerabilities☆42Updated 3 months ago
- Sets up Open Policy Agent CLI in your GitHub Actions workflow.☆52Updated last month
- Contains scripts for running anchore engine in CI pipelines☆34Updated 3 years ago
- Kubernetes Common Configuration Scoring System☆123Updated 3 years ago
- Owasp Zap chart for Kubernetes☆49Updated 3 years ago
- Github action to run dependency check☆84Updated 3 months ago
- Unified Policy Engine☆64Updated last month
- Falco Running with Ptrace(2) for Kernel Events☆36Updated 5 years ago
- Example Code along with the blog post at https://blokje5/dev☆24Updated 6 years ago
- fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…☆11Updated 3 weeks ago
- Use Snyk to find and fix vulnerabilities in your Kubernetes workloads☆93Updated this week
- Publishes BOMs to Dependency-Track from GitHub Actions☆55Updated last year