Alternatives and similar repositories for spectral-github-action:

Users that are interested in spectral-github-action are comparing it to the libraries listed below

• SpectralOps / vscode-extension
  Monitor your code for exposed API keys, tokens, credentials, and high-risk security IaC misconfigurations
  ☆18Updated last year
• SpectralOps / preflight
  preflight helps you verify scripts and executables to mitigate chain of supply attacks such as the recent Codecov hack.
  ☆152Updated 2 years ago
• SpectralOps / awesome-secure-saas-apis
  A catalog of SaaS APIs and their security levels, compliance, and regulation like GDPR, ISO27001, PCI and others
  ☆122Updated 3 years ago
• tellerops / helm-teller
  Allows you to manage configuration and secrets from multiple provider while masking the secrets at the deployment
  ☆72Updated 2 years ago
• SpectralOps / senv
  Friends don't let friends leak secrets on their terminal window
  ☆104Updated 3 years ago
• SpectralOps / netz
  Discover internet-wide misconfigurations while drinking coffee
  ☆388Updated 3 years ago
• aquasecurity / chain-bench-action
  ☆19Updated 2 years ago
• scribe-public / gitgat
  Evaluate source control (GitHub) security posture
  ☆249Updated last year
• allero-io / allero
  By scanning CI/CD misconfigurations, Allero helps reduce production issues, harden your security posture and shift-left CI/CD from DevOps…
  ☆205Updated last year
• rallyhealth / conftest-policy-packs
  Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.
  ☆58Updated last year
• arnica-ext / GitGoat
  GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati…
  ☆169Updated this week
• OpenCSPM / opencspm
  Open Cloud Security Posture Management Engine
  ☆336Updated 2 years ago
• gofireflyio / validiac
  ValidIaC combines the best open-source tools to help ensure Infrastructure-as-Code best practices, hygiene & security.
  ☆227Updated 4 months ago
• dome9 / shiftleft
  Check Point shiftleft documentation and examples
  ☆14Updated 4 years ago
• Checkmarx / kics-github-action
  GitHub actions of KICS scan - Keeping Infrastructure as Code Secure
  ☆44Updated 3 months ago
• yowainwright / common-utilities
  Simple typed utilities generally written in a functional style for learning and utility 🧰
  ☆29Updated last week
• threatcl / threatcl
  Documenting your Threat Models with HCL
  ☆412Updated 4 months ago
• aquasecurity / chain-bench
  An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…
  ☆735Updated last month
• CoinBoxFinance / MobileWallet
  Non-Custodial Multi-Chain Mobile Wallet Management for Blockchain assets, DEFI's and NFT's
  ☆34Updated 3 years ago
• CoinBoxFinance / pitchdeck
  CoinBox Finance Pitch Deck
  ☆19Updated 3 years ago
• common-fate / iamzero
  Identity & Access Management simplified and secure.
  ☆251Updated last year
• iacsecurity / tool-compare
  ☆281Updated 2 years ago
• Legit-Labs / legitify
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆789Updated 2 weeks ago
• hysnsec / awesome-policy-as-code
  A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
  ☆185Updated last year
• permitio / OPToggles
  Easily sync open-policy rules to your feature toggles
  ☆126Updated 6 months ago
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆170Updated last month
• in-toto / witness
  Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
  ☆423Updated last week
• AppsFlyer / terra-crust
  Terra Crust was created to allow Platform teams to expose Terraform as the main API to developers
  ☆66Updated 5 months ago