SpectralOps / spectral-github-action
Spectral Security Integration into your Github Actions pipeline
☆14 · Updated last year
Alternatives and similar repositories for spectral-github-action
Users that are interested in spectral-github-action are comparing it to the libraries listed below
- Monitor your code for exposed API keys, tokens, credentials, and high-risk security IaC misconfigurations ☆19 · Updated last year
- preflight helps you verify scripts and executables to mitigate chain of supply attacks such as the recent Codecov hack. ☆154 · Updated 2 years ago
- A catalog of SaaS APIs and their security levels, compliance, and regulation like GDPR, ISO27001, PCI and others ☆128 · Updated 3 years ago
- Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust ☆398 · Updated 4 months ago
- Allows you to manage configuration and secrets from multiple provider while masking the secrets at the deployment ☆72 · Updated 2 years ago
- Friends don't let friends leak secrets on their terminal window ☆104 · Updated 4 years ago
- zanadir is an open-source CLI tool that analyzes GitHub repositories and suggests open-source tools to enhance CI/CD best practices. ☆140 · Updated last month
- By scanning CI/CD misconfigurations, Allero helps reduce production issues, harden your security posture and shift-left CI/CD from DevOps… ☆205 · Updated last year
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets ☆811 · Updated 2 months ago
- ☆19 · Updated 2 years ago
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm… ☆748 · Updated 5 months ago
- The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent. ☆889 · Updated last year
- Evaluate source control (GitHub) security posture ☆250 · Updated 2 years ago
- A reading list for software supply-chain security. ☆364 · Updated 2 years ago
- Generate a score for your sbom to understand if it will actually be useful. ☆229 · Updated 9 months ago
- Notice: Postee is no longer under active development or maintenance. ☆211 · Updated this week
- Secure shell history commands by finding sensitive data ☆223 · Updated 2 years ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system. ☆172 · Updated 6 months ago
- Documenting your Threat Models with HCL ☆430 · Updated last week
- ValidIaC combines the best open-source tools to help ensure Infrastructure-as-Code best practices, hygiene & security. ☆230 · Updated 3 weeks ago
- ☆415 · Updated 2 years ago
- Check Point shiftleft documentation and examples ☆14 · Updated 4 years ago
- BadRobot - Operator Security Audit Tool ☆220 · Updated this week
- Overlay is a browser extension helping developers evaluate open source packages before picking them ☆224 · Updated last year
- A Continuous Threat Modeling methodology ☆319 · Updated 2 years ago
- A list of cloud security tools and vendors. ☆166 · Updated 9 months ago
- ☆284 · Updated 2 years ago
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati… ☆170 · Updated 4 months ago
- A standard API specification for exchanging supply chain artifacts and intelligence ☆81 · Updated this week
- Examples of Custom Secret Scanning Patterns ☆161 · Updated 3 months ago