ShiftLeftSecurity / scan-actionLinks
☆53Updated 3 years ago
Alternatives and similar repositories for scan-action
Users that are interested in scan-action are comparing it to the libraries listed below
Sorting:
- Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec☆113Updated last year
- A GitHub action to help you scan your docker image for vulnerabilities☆222Updated 2 years ago
- Github Action implementation of SLSA Provenance Generation☆50Updated last week
- Securing Alice's, Bob's and Carl's software supply chain using in-toto☆98Updated last week
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…☆33Updated 3 years ago
- GitHub Action for creating software bill of materials using Syft.☆206Updated this week
- Git action to generate security lint report for Kubernetes workload YAML files on PR☆28Updated 3 years ago
- Assumes roles in AWS that have useful role session tags☆41Updated 2 years ago
- Proof-of-concept SLSA provenance generator for GitHub Actions☆100Updated 2 years ago
- Sysdig Terraform provider. Allow to handle Sysdig Secure policies as code.☆54Updated this week
- Generate a score for your sbom to understand if it will actually be useful.☆234Updated last year
- Sets up Open Policy Agent CLI in your GitHub Actions workflow.☆52Updated 3 weeks ago
- vscode extension for tfsec☆30Updated 2 years ago
- Slack alert bot for matching Github Audit Events☆10Updated 11 months ago
- A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.☆197Updated last year
- Publishes BOMs to Dependency-Track from GitHub Actions☆55Updated last year
- Kubernetes Common Configuration Scoring System☆123Updated 3 years ago
- Security configuration checks for popular cloud native applications and infrastructure.☆119Updated 3 years ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆59Updated 2 years ago
- A tool to check the security settings of Github Organizations.☆72Updated 2 years ago
- A set of tools and libraries written in Go to interact with the Lacework platform.☆38Updated this week
- Vanilla GitHub action to run tfsec☆60Updated 2 years ago
- Pre-commit git hooks for Open Policy Agent (OPA) and Rego development☆67Updated 3 months ago
- CLI for searching Rego policies☆106Updated 3 years ago
- A tool to create, transform and attest VEX metadata☆161Updated this week
- Contains scripts for running anchore engine in CI pipelines☆34Updated 3 years ago
- GitHub Advance Security Compliance Action☆134Updated 2 years ago
- Trivy's misconfiguration scanning engine☆216Updated 9 months ago
- GitHub actions of KICS scan - Keeping Infrastructure as Code Secure☆52Updated last month
- Enrich SBOMs with data from third party services☆196Updated 2 months ago