Anchore container analysis and scan provided as a GitHub Action
☆268Feb 25, 2026Updated last week
Alternatives and similar repositories for scan-action
Users that are interested in scan-action are comparing it to the libraries listed below
Sorting:
- GitHub Action for creating software bill of materials using Syft.☆225Feb 25, 2026Updated last week
- Github action to benchmark dockerfiles in github repository.☆13Jan 10, 2023Updated 3 years ago
- A vulnerability scanner for container images and filesystems☆11,652Updated this week
- Service implementation for a Kubernetes Dynamic Webhook controller for interacting with Anchore☆65Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆8,435Updated this week
- Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities☆1,225Feb 25, 2026Updated last week
- Deprecated; please use https://github.com/marketplace/actions/fortify-ast-scan instead☆13Nov 1, 2023Updated 2 years ago
- Enable Falco to read audit logs from EKS☆11Dec 13, 2020Updated 5 years ago
- A GitHub Action for using Conftest☆33Nov 29, 2021Updated 4 years ago
- A license scanner for container images and filesystems.☆143Updated this week
- Checkmarx CxFlow GitHub Action with SARIF output☆54Nov 13, 2025Updated 3 months ago
- go library for processing container images and simulating a squash filesystem☆104Feb 26, 2026Updated last week
- A CLI used to work with the Wolfi OSS project☆70Updated this week
- Example repository that demonstrates a supply chain security workflow using Syft, Grype, Cosign☆12Sep 15, 2021Updated 4 years ago
- Vim Plugin for Trivy☆14Feb 20, 2024Updated 2 years ago
- My dotfiles☆15Dec 10, 2025Updated 2 months ago
- Repository of SBOMs generated by the syft SBOM generator tool, against a list of popular dockerhub container images.☆19Oct 9, 2024Updated last year
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆966Updated this week
- Grype vulnerability check plugin for Visual Studio Code☆24Dec 11, 2024Updated last year
- An extension for VS Code which provides support for OPA and the Rego policy language☆125Updated this week
- Anchore Image Validator lets you automatically detect or block security issues just before a Kubernetes pod starts.☆44Apr 5, 2023Updated 2 years ago
- A service that analyzes docker images and scans for vulnerabilities☆1,591Jan 26, 2023Updated 3 years ago
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆114Updated this week
- Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded☆80Feb 23, 2026Updated last week
- Docker Scout GitHub Action☆131Updated this week
- ☆62Updated this week
- Compare vulnerability scanners results (to make them better!)☆27Updated this week
- Submit SBOMs to GitHub's dependency submission API☆18Dec 4, 2025Updated 3 months ago
- Sysdig Terraform provider. Allow to handle Sysdig Secure policies as code.☆57Feb 25, 2026Updated last week
- A simple tool for converting Rego (OPA) rule into command.☆30Jun 1, 2022Updated 3 years ago
- Git action to generate security lint report for Kubernetes workload YAML files on PR☆27Mar 19, 2022Updated 3 years ago
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆269Updated this week
- Contains scripts for running anchore engine in CI pipelines☆34Jun 13, 2022Updated 3 years ago
- Falco Rules helpers for VSCode☆12Jul 19, 2023Updated 2 years ago
- ☆13Jan 7, 2025Updated last year
- A set of GitHub actions for checking your projects for vulnerabilities.☆611Nov 5, 2025Updated 4 months ago
- Generate SBOMs with gh CLI☆199May 30, 2025Updated 9 months ago
- A Github Action to ensure that actions are pinned to full length commit SHAs☆50Updated this week
- GitHub Action to push a container image to an image registry.☆121Aug 16, 2024Updated last year