aquasecurity / trivy-checks
☆39Updated this week
Related projects ⓘ
Alternatives and complementary repositories for trivy-checks
- Protect GitHub Actions with Tracee☆79Updated 11 months ago
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆76Updated this week
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆139Updated last week
- ☆30Updated 3 weeks ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- Kubernetes audit logging, when you don't control the control plane☆65Updated this week
- A tool to create, transform and attest VEX metadata☆117Updated last week
- Trivy kubernetes library☆31Updated this week
- A collection of reusable Github Actions workflows.☆119Updated this week
- ☆13Updated this week
- vscode extension for tfsec☆30Updated last year
- Add comments to pull requests where tfsec checks have failed☆164Updated last year
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- Security configuration checks for popular cloud native applications and infrastructure.☆118Updated 2 years ago
- A VS Code Extension for Trivy☆115Updated last year
- Terrascan GitHub action. Scan infrastructure as code including Terraform, Kubernetes, Helm, and Kustomize file for security best practice…☆51Updated last week
- An SBOM query language and associated utilities☆54Updated 9 months ago
- Sets up Open Policy Agent CLI in your GitHub Actions workflow.☆45Updated 7 months ago
- Kubernetes Native, Runtime Container Image Scanning☆39Updated 2 years ago
- Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-u…☆63Updated this week
- Kubernetes Admission Controller for Image Scanning using OPA☆50Updated last year
- GitHub Issue + Trivy Action☆54Updated last year
- Sysdig Terraform provider. Allow to handle Sysdig Secure policies as code.☆49Updated this week
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).☆58Updated 2 weeks ago
- Trivy's misconfiguration scanning engine☆215Updated 7 months ago
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆56Updated last week
- Administrative tooling for Falco☆87Updated this week
- Proof-of-concept SLSA provenance generator for GitHub Actions☆99Updated 2 years ago
- Run tfsec with reviewdog on pull requests to enforce security best practices☆72Updated this week