apiiro / PRevent
Prevent merging of malicious code in pull requests
☆220Updated last month
Alternatives and similar repositories for PRevent:
Users that are interested in PRevent are comparing it to the libraries listed below
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆116Updated 2 months ago
- Validate the isolation posture of your container environment.☆275Updated last week
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆148Updated 5 months ago
- ☆63Updated 3 months ago
- boostsecurityio/poutine☆267Updated this week
- A tool for preventing the installation of malicious PyPI and npm packages☆140Updated this week
- Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs☆73Updated last year
- Web Server Vulnerability Scanning Tool☆35Updated last month
- Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini☆166Updated last week
- Repository containing source code of MixewayFlow service that is Swiss army knife for DevSecOps Teams☆49Updated last week
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆95Updated 3 weeks ago
- YES3 Scanner: S3 Security Scanner for Access and Ransomware Protection☆65Updated last week
- Secure Code Review AI Agent (SeCoRA) - AI SAST☆48Updated 3 months ago
- Octoscan is a static vulnerability scanner for GitHub action workflows.☆209Updated 3 weeks ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆39Updated 4 months ago
- Security tool against dependency typosquatting attacks☆39Updated last week
- A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalo…☆375Updated 7 months ago
- A multi-vault secret injection tool for safely injecting secrets into app environment☆124Updated 2 weeks ago
- An open-source collection of API key rotation tutorials.☆71Updated last month
- Runtime Security Solution for your CI/CD Pipeline☆101Updated last month
- SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor…☆132Updated this week
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆278Updated 3 months ago
- Ephemeral, zero-knowledge, end-to-end encrypted sensitive data sharing☆99Updated this week
- Identify hardcoded secrets in static structured text (version 2)☆91Updated 3 months ago
- Nakamoto is a 2 layer encryption tool to protect your data and your cyptocurrency☆14Updated last month
- Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system…☆325Updated last month
- Secutils.dev is an open-source, versatile, yet simple security toolbox for engineers and researchers☆72Updated last week
- ☆178Updated 2 weeks ago
- 🚀 Code Analysis & Policy as Code for Open Source Software Supply Chain☆351Updated last week
- Semgrep-based Policy Controller for Kubernetes☆47Updated last month