aquasecurity / trivy-actionLinks
Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities
☆979Updated 2 weeks ago
Alternatives and similar repositories for trivy-action
Users that are interested in trivy-action are comparing it to the libraries listed below
Sorting:
- Anchore container analysis and scan provided as a GitHub Action☆246Updated this week
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,387Updated this week
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆834Updated this week
- Kubernetes-native security toolkit☆1,533Updated this week
- Superseded by https://github.com/aquasecurity/trivy-operator☆1,366Updated 2 months ago
- Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes se…☆963Updated 9 months ago
- 🧵 CLI tool for directly patching container images!☆1,331Updated this week
- A FAST Kubernetes manifests validator, with support for Custom Resources!☆2,646Updated last month
- Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in …☆2,910Updated last month
- OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure☆1,415Updated last week
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆810Updated 2 months ago
- Pike is a tool for determining the permissions or policy required for IAC code☆724Updated this week
- Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start☆2,930Updated 5 months ago
- Detect, track and alert on infrastructure drift☆2,555Updated 2 weeks ago
- Write tests against structured configuration data using the Open Policy Agent Rego query language☆2,992Updated this week
- Security risk analysis for Kubernetes resources☆1,341Updated 2 weeks ago
- A tool for securing CI/CD workflows with version pinning.☆838Updated last month
- Public Chainguard Images☆605Updated this week
- A GitHub Action that simplifies using HashiCorp Vault™ secrets as build variables.☆468Updated last week
- Language-agnostic SLSA provenance generation for Github Actions☆477Updated last month
- A GitHub action to help you scan your docker image for vulnerabilities☆221Updated 2 years ago
- A Terraform / OpenTofu state migration tool for GitOps☆1,208Updated last month
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.☆939Updated 4 months ago
- A cli tool to help discover deprecated apiVersions in Kubernetes☆2,315Updated this week
- A GitHub Action for running the ZAP Baseline scan☆329Updated this week
- GitHub action for Hadolint, A Dockerfile linting tool☆226Updated last year
- OWASP Foundation Web Respository☆585Updated last year
- Connect Falco to your ecosystem☆599Updated this week
- KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adh…☆3,202Updated this week
- A VS Code Extension for Trivy☆141Updated this week