Yelp / detect-secrets
An enterprise friendly way of detecting and preventing secrets in code.
☆3,946Updated 2 weeks ago
Alternatives and similar repositories for detect-secrets:
Users that are interested in detect-secrets are comparing it to the libraries listed below
- Tfsec is now part of Trivy☆6,772Updated this week
- Dockerfile linter, validate inline bash, written in Haskell☆10,703Updated 2 months ago
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆24,739Updated this week
- Cloud Security Posture Management (CSPM)☆3,428Updated last week
- Vulnerability Static Analysis for Containers☆10,508Updated last week
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,200Updated this week
- Hunt for security weaknesses in Kubernetes clusters☆4,796Updated 11 months ago
- Multi-Cloud Security Auditing Tool☆6,945Updated 3 months ago
- Find secrets with Gitleaks 🔑☆18,975Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆6,604Updated this week
- 🦙 MegaLinter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your…☆2,041Updated this week
- Prevents you from committing secrets and credentials into git repositories☆12,612Updated 10 months ago
- A vulnerability scanner for container images and filesystems☆9,401Updated this week
- Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.☆3,861Updated last year
- Snyk CLI scans and monitors your projects for security vulnerabilities.☆5,030Updated this week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆6,533Updated this week
- The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio…☆9,272Updated 4 months ago
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…☆2,676Updated last week
- Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.☆1,796Updated this week
- A service that analyzes docker images and scans for vulnerabilities☆1,589Updated 2 years ago
- OpenSSF Scorecard - Security health metrics for Open Source☆4,773Updated this week
- Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.☆4,357Updated 4 years ago
- Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start☆2,840Updated last month
- StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environme…☆2,860Updated last year
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆4,838Updated 2 months ago
- Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.☆7,585Updated this week
- InSpec: Auditing and Testing Framework☆2,885Updated this week
- Terragrunt is a flexible orchestration tool that allows Infrastructure as Code written in OpenTofu/Terraform to scale.☆8,419Updated this week
- Cloud Native Runtime Security☆7,620Updated this week
- Automating situational awareness for cloud penetration tests.☆2,035Updated last month