anchore / syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
☆6,725 Updated this week
Alternatives and similar repositories for syft:
Users who are interested in syft are comparing it to the libraries listed below:
- A vulnerability scanner for container images and filesystems ☆9,548 Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more ☆25,046 Updated this week
- Code signing and transparency for containers and binaries ☆4,782 Updated last week
- Vulnerability Static Analysis for Containers ☆10,539 Updated this week
- Tfsec is now part of Trivy ☆6,793 Updated last month
- Cloud Native Runtime Security ☆7,712 Updated this week
- Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start ☆2,854 Updated 2 months ago
- Supply-chain Levels for Software Artifacts ☆1,626 Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source ☆4,822 Updated last week
- Dockerfile linter, validate inline bash, written in Haskell ☆10,774 Updated 2 weeks ago
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. ☆4,866 Updated 3 months ago
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct… ☆2,252 Updated this week
- A service that analyzes docker images and scans for vulnerabilities ☆1,588 Updated 2 years ago
- Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark ☆7,305 Updated this week
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on p… ☆4,661 Updated last month
- Go library and CLIs for working with container registries ☆3,280 Updated this week
- eBPF-based Security Observability and Runtime Enforcement ☆3,857 Updated this week
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp… ☆2,930 Updated this week
- Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities ☆902 Updated last week
- Quick and Easy server testing/validation ☆5,693 Updated 2 months ago
- Write tests against structured configuration data using the Open Policy Agent Rego query language ☆2,937 Updated this week
- contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ... ☆8,639 Updated this week
- Open Policy Agent (OPA) is an open source, general-purpose policy engine. ☆10,047 Updated this week
- An open-source runtime for composable workflows. Great for AI agents and CI/CD. ☆13,117 Updated this week
- KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adh… ☆3,108 Updated this week
- Boundary enables identity-based access management for dynamic infrastructure. ☆3,904 Updated this week
- Notary is a project that allows anyone to have trust over arbitrary collections of data ☆3,257 Updated 7 months ago
- Hunt for security weaknesses in Kubernetes clusters ☆4,827 Updated last year
- GUAC aggregates software security metadata into a high fidelity graph database. ☆1,338 Updated this week
- OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependen… ☆6,804 Updated this week