Alternatives and similar repositories for trivy-action:

Users that are interested in trivy-action are comparing it to the libraries listed below

• aquasecurity / trivy-operator
  Kubernetes-native security toolkit
  ☆1,340Updated this week
• anchore / scan-action
  Anchore container analysis and scan provided as a GitHub Action
  ☆223Updated this week
• project-copacetic / copacetic
  🧵 CLI tool for directly patching container images!
  ☆1,110Updated this week
• Checkmarx / kics
  Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…
  ☆2,140Updated this week
• controlplaneio / kubesec
  Security risk analysis for Kubernetes resources
  ☆1,265Updated this week
• fugue / regula
  Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes se…
  ☆961Updated 4 months ago
• sigstore / cosign
  Code signing and transparency for containers and binaries
  ☆4,647Updated this week
• opentofu / registry
  The all-new opentofu.org registry!
  ☆338Updated this week
• snyk / actions
  A set of GitHub actions for checking your projects for vulnerabilities
  ☆528Updated 4 months ago
• step-security / harden-runner
  Harden-Runner secures CI/CD workflows by controlling network access and monitoring activities on GitHub-hosted and self-hosted runners
  ☆647Updated this week
• hashicorp / setup-terraform
  Sets up Terraform CLI in your GitHub Actions workflow.
  ☆1,412Updated last month
• snyk / driftctl
  Detect, track and alert on infrastructure drift
  ☆2,495Updated last week
• JamesWoolfenden / pike
  Pike is a tool for determining the permissions or policy required for IAC code
  ☆608Updated this week
• aquasecurity / starboard
  Moved to https://github.com/aquasecurity/trivy-operator
  ☆1,360Updated last month
• chainguard-images / images
  Public Chainguard Images
  ☆565Updated this week
• openclarity / openclarity
  OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure
  ☆1,367Updated this week
• minamijoyo / tfupdate
  Update version constraints in your Terraform configurations
  ☆570Updated 5 months ago
• hashicorp / vault-action
  A GitHub Action that simplifies using HashiCorp Vault™ secrets as build variables.
  ☆451Updated last week
• terraform-linters / setup-tflint
  A GitHub action that installs Terraform linter TFLint
  ☆153Updated 2 weeks ago
• tofuutils / tenv
  OpenTofu / Terraform / Terragrunt and Atmos version manager
  ☆808Updated this week
• cycloidio / terracognita
  Reads from existing public and private cloud providers (reverse Terraform) and generates your infrastructure as code on Terraform configu…
  ☆2,229Updated 8 months ago
• zaproxy / action-baseline
  A GitHub Action for running the ZAP Baseline scan
  ☆318Updated last month
• integrations / terraform-provider-github
  Terraform GitHub provider
  ☆928Updated this week
• sethvargo / ratchet
  A tool for securing CI/CD workflows with version pinning.
  ☆777Updated last month
• Azure / container-scan
  A GitHub action to help you scan your docker image for vulnerabilities
  ☆219Updated 2 years ago
• awesomeSBOM / awesome-sbom
  A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
  ☆497Updated 2 months ago
• cycloidio / inframap
  Read your tfstate or HCL to generate a graph specific for each provider, showing only the resources that are most important/relevant.
  ☆1,781Updated 7 months ago
• cloudposse / atmos
  👽 Terraform Orchestration Tool for DevOps. Keep environment configuration DRY with hierarchical imports of configurations, inheritance, …
  ☆857Updated this week