aquasecurity / cfsec
Static analysis for CloudFormation templates to identify common misconfiguration
☆57Updated 3 years ago
Alternatives and similar repositories for cfsec:
Users that are interested in cfsec are comparing it to the libraries listed below
- vscode extension for tfsec☆30Updated 2 years ago
- ☆25Updated last year
- ☆54Updated this week
- a tool to audit the istio service mesh☆173Updated 3 years ago
- Simple tool that allows you to detect imposter commits in GitHub Actions workflows.☆23Updated 4 months ago
- An SBOM query language and associated utilities☆54Updated last year
- Kubernetes audit logging, when you don't control the control plane☆74Updated this week
- ☆33Updated 2 years ago
- Automated determination of which AWS services run where☆20Updated this week
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- Darkbit Cloud Security Tools☆25Updated 4 years ago
- Slack alert bot for matching Github Audit Events☆10Updated 5 months ago
- A tool to check the security settings of Github Organizations.☆71Updated last year
- Open-source proof-of-concept client for AWS IAM Roles Anywhere☆71Updated 2 years ago
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆23Updated 3 weeks ago
- Security configuration checks for popular cloud native applications and infrastructure.☆118Updated 3 years ago
- ☆22Updated 2 years ago
- ☆112Updated 3 months ago
- Software signing just got easier☆16Updated last year
- Compares and analyzes GCP IAM roles.☆77Updated last month
- Github Action implementation of SLSA Provenance Generation☆48Updated last week
- PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…☆59Updated 3 years ago
- Attaché provides an emulation layer for Cloud Provider IMDS APIs☆52Updated 10 months ago
- K8s Network Policy Migrator is a tool to migrate Calico or Cilium custom network policies to Kubernetes native network policy. The tool o…☆30Updated last year
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- Common Golang Packages for use by the Various Cloud Nuke Tools☆40Updated this week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆82Updated 4 months ago
- ☆16Updated 2 years ago
- TACOS framework structural details☆20Updated last year
- ☆74Updated 2 weeks ago