Alternatives and similar repositories for trivy-iac:

Users that are interested in trivy-iac are comparing it to the libraries listed below

• aquasecurity / trivy-checks
  ☆46Updated this week
• aquasecurity / vscode-tfsec
  vscode extension for tfsec
  ☆30Updated 2 years ago
• aquasecurity / vexhub
  ☆19Updated this week
• aquasecurity / defsec
  Trivy's misconfiguration scanning engine
  ☆218Updated 3 weeks ago
• aquasecurity / cfsec
  Static analysis for CloudFormation templates to identify common misconfiguration
  ☆57Updated 3 years ago
• aquasecurity / trivy-docker-extension
  Docker Desktop Extension for Trivy
  ☆22Updated last week
• octo-sts / action
  ☆32Updated 3 months ago
• octo-sts / app
  A GitHub App that acts like a Security Token Service (STS) for the Github API
  ☆147Updated this week
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated last year
• VexStore / fatbom
  fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…
  ☆32Updated 2 years ago
• aquasecurity / tracee-action
  Protect GitHub Actions with Tracee
  ☆80Updated last week
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated last year
• suzuki-shunsuke / tfprovidercheck
  CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…
  ☆82Updated this week
• aquasecurity / appshield
  Security configuration checks for popular cloud native applications and infrastructure.
  ☆118Updated 3 years ago
• nsmith5 / rekor-sidekick
  🔍 Rekor transparency log monitoring and alerting
  ☆27Updated last year
• open-policy-agent / setup-opa
  Sets up Open Policy Agent CLI in your GitHub Actions workflow.
  ☆48Updated 10 months ago
• aquasecurity / trivy-vscode-extension
  A VS Code Extension for Trivy
  ☆119Updated this week
• onelittlenightmusic / opactl
  A simple tool for converting Rego (OPA) rule into command.
  ☆28Updated 2 years ago
• takaishi / tfclean
  tfclean is tool to remove applied moved block, import block, etc
  ☆44Updated this week
• wolfi-dev / wolfi-act
  Dynamic GitHub Actions from Wolfi packages
  ☆42Updated 9 months ago
• nwiizo / tfocus
  tfocus is a super interactive tool for selecting and executing Terraform plan/apply on specific resources. Think of it as an "emergency t…
  ☆54Updated last month
• anchore / k8s-inventory
  Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-u…
  ☆65Updated this week
• aquasecurity / trivy-kubernetes
  Trivy kubernetes library
  ☆33Updated this week
• slsa-framework / slsa-github-generator-go
  ☆56Updated 2 years ago
• deislabs / image-layer-provenance
  Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.
  ☆43Updated last year
• aquasecurity / tfsec-pr-commenter-action
  Add comments to pull requests where tfsec checks have failed
  ☆167Updated last year
• YubicoLabs / action-conftest
  Easily run Conftest, pull remote policies, surface the results, and obtain test metrics
  ☆12Updated 2 years ago
• psanford / cloudtrail-tattletail
  AWS Cloudtrail event alerting lambda function. Send alerts to Slack, Email, or SNS.
  ☆20Updated last year
• RichardoC / kube-audit-rest
  Kubernetes audit logging, when you don't control the control plane
  ☆67Updated this week