anchore / scan-actionLinks
Anchore container analysis and scan provided as a GitHub Action
☆246Updated this week
Alternatives and similar repositories for scan-action
Users that are interested in scan-action are comparing it to the libraries listed below
Sorting:
- GitHub Action for creating software bill of materials using Syft.☆189Updated last week
- Cosign Github Action☆148Updated this week
- Open source compliance tool for development platforms.☆286Updated last year
- Github Action to automatically update digests for container images.☆62Updated last month
- Evaluate source control (GitHub) security posture☆250Updated 2 years ago
- Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities☆984Updated 3 weeks ago
- Verify provenance from SLSA compliant builders☆267Updated this week
- A tool to create, transform and attest VEX metadata☆143Updated last week
- A collection of reusable Github Actions workflows.☆133Updated this week
- Search an SBOM for licenses and the packages they belong to☆93Updated last week
- Regal is a linter and language server for Rego, bringing your policy development experience to the next level!☆309Updated this week
- A utility to generate SPDX-compliant Bill of Materials manifests☆396Updated last week
- A GitHub action to help you scan your docker image for vulnerabilities☆221Updated 2 years ago
- Language-agnostic SLSA provenance generation for Github Actions☆478Updated last month
- A CLI tool to sign and verify artifacts☆413Updated this week
- Plugin for Docker CLI to support SBOM creation using Syft☆156Updated 2 months ago
- Notice: Postee is no longer under active development or maintenance.☆211Updated 3 weeks ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆486Updated last week
- Orchestrate GitHub Actions Security☆289Updated 2 weeks ago
- Create ephemeral, finely-scoped @github access tokens using @hashicorp Vault.☆286Updated 2 months ago
- GitHub Advanced Security Policy as Code☆83Updated 2 weeks ago
- Use Snyk to find and fix vulnerabilities in your Kubernetes workloads☆91Updated this week
- Cross tooling and interoperability specifications☆170Updated last month
- GitHub actions of KICS scan - Keeping Infrastructure as Code Secure☆49Updated 2 weeks ago
- build APKs from source code☆489Updated this week
- The Aqua Security Provider for Terraform allows you to declaratively define the configuration of your Aqua platform.☆37Updated 3 weeks ago
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆834Updated this week
- Official GitHub Action for OpenSSF Scorecard.☆311Updated last week
- Generate SBOMs with gh CLI☆187Updated 3 weeks ago
- A VS Code Extension for Trivy☆142Updated this week