anchore / scan-actionLinks
Anchore container analysis and scan provided as a GitHub Action
☆244Updated last week
Alternatives and similar repositories for scan-action
Users that are interested in scan-action are comparing it to the libraries listed below
Sorting:
- GitHub Action for creating software bill of materials using Syft.☆187Updated last week
- A utility to generate SPDX-compliant Bill of Materials manifests☆390Updated 2 weeks ago
- Verify provenance from SLSA compliant builders☆262Updated last week
- A collection of reusable Github Actions workflows.☆132Updated last week
- Language-agnostic SLSA provenance generation for Github Actions☆472Updated 2 weeks ago
- Search an SBOM for licenses and the packages they belong to☆88Updated this week
- Official GitHub Action for OpenSSF Scorecard.☆307Updated last week
- GitHub actions of KICS scan - Keeping Infrastructure as Code Secure☆49Updated last week
- Open source compliance tool for development platforms.☆286Updated last year
- Evaluate source control (GitHub) security posture☆249Updated 2 years ago
- A GitHub action to help you scan your docker image for vulnerabilities☆221Updated 2 years ago
- Cosign Github Action☆148Updated 2 weeks ago
- GitHub Advanced Security Policy as Code☆82Updated last week
- Enrich SBOMs with data from third party services☆173Updated 2 months ago
- Plugin for Docker CLI to support SBOM creation using Syft☆156Updated last month
- Orchestrate GitHub Actions Security☆285Updated this week
- A tool to create, transform and attest VEX metadata☆138Updated last week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆477Updated 2 weeks ago
- Catalogue all images of a Kubernetes cluster to multiple targets with Syft☆201Updated this week
- A CLI tool to sign and verify artifacts☆409Updated 2 weeks ago
- A VS Code Extension for Trivy☆137Updated this week
- 🦅 Run a StackHawk scan in GitHub Actions☆25Updated last month
- Github Action to automatically update digests for container images.☆60Updated 2 weeks ago
- Throw a tag at it and it comes back with a checksum.☆136Updated this week
- Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities☆966Updated 2 weeks ago
- Helm charts for sigstore project☆76Updated last week
- Proof-of-concept SLSA provenance generator for GitHub Actions☆99Updated 2 years ago
- ☆236Updated 2 weeks ago
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆132Updated this week
- Security configuration checks for popular cloud native applications and infrastructure.☆118Updated 3 years ago