anchore / yardstickLinks
Compare vulnerability scanners results (to make them better!)
☆22Updated this week
Alternatives and similar repositories for yardstick
Users that are interested in yardstick are comparing it to the libraries listed below
Sorting:
- An SBOM query language and associated utilities☆54Updated last year
- Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification☆68Updated 7 months ago
- Slack alert bot for matching Github Audit Events☆10Updated 8 months ago
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆101Updated this week
- (d)ocker(f)ile (c)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆80Updated 3 weeks ago
- ☆51Updated last week
- SBOM Move - Automate build and transfer of SBOMs across systems☆23Updated this week
- a fast changelog generator sourced from PRs and Issues☆62Updated this week
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- ☆30Updated this week
- ☆41Updated 2 years ago
- ☆21Updated 2 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆107Updated 6 months ago
- Demo repository for running eBPF in GitHub Actions☆19Updated 4 months ago
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆23Updated last week
- Static analysis for CloudFormation templates to identify common misconfiguration☆57Updated 3 years ago
- in-toto is a framework to secure the software supply chain.☆70Updated 6 months ago
- Runtime Security Solution for your CI/CD Pipeline☆107Updated last month
- a tool to audit the istio service mesh☆173Updated 3 years ago
- Grype vulnerability check plugin for Visual Studio Code☆23Updated 7 months ago
- A replacement for "kubectl exec" that works over WebSocket connections.☆40Updated last year
- Format agnostic SBOM tooling☆112Updated this week
- ☆74Updated 2 months ago
- A collection of reusable Github Actions workflows.☆134Updated this week
- Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti…☆56Updated 7 months ago
- Various tools, images, etc. to support the Wolfi OSS project☆26Updated this week
- ☆90Updated 2 months ago
- ☆55Updated last week
- A tool to create, transform and attest VEX metadata☆148Updated 2 weeks ago
- Docs and Tutorials for Chainguard☆84Updated this week