carbonetes / brainiac
BrainIAC uses static code analysis to analyze IAC code to detect security issues before deployment. This tool can scan for issues like security policy misconfigurations, insecure cloud-based services, and compliance issues.
☆70 Updated 8 months ago
Alternatives and similar repositories for brainiac
Users that are interested in brainiac are comparing it to the libraries listed below
- Generates SBOMs for container images, filesystems, archives, and more to Discover packages and libraries Highly scalable data pipelines f… ☆107 Updated this week
- A GitHub Action that utilizes Diggity to generate software bill-of-materials (SBOM). ☆14 Updated 2 years ago
- Jacked provides organizations with a more comprehensive look at their application to take calculated actions and create a better security… ☆103 Updated this week
- ☆18 Updated 2 weeks ago
- Audit Dependency-Track findings and policy violations via policy as code ☆33 Updated last week
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain ☆94 Updated 3 months ago
- ☆53 Updated 3 years ago
- Measure release insights and recommendations for open-source dependencies. Note: this project is archived. ☆11 Updated 2 years ago
- ☆35 Updated 2 years ago
- A framework for understanding the capabilities of automated detection methods at identifying classes of application security vulnerabilit… ☆14 Updated this week
- CICD Using GitHub Action and Harness ☆17 Updated 2 years ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system. ☆172 Updated 6 months ago
- HashiCorp-relevant rules for the Semgrep code analysis tool ☆41 Updated last year
- Prevent leaks with gitleaks, and use tests to validate ☆32 Updated last week
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so… ☆50 Updated last week
- A web based tool for working with CycloneDX BOMs ☆38 Updated 9 months ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU) vulnerabilities ☆23 Updated last month
- OWASP Foundation Web Repository ☆18 Updated 2 weeks ago
- SBOM Edit - Conditional edits and merging of SBOMs ☆69 Updated this week
- Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions ☆47 Updated last year
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack. ☆38 Updated 3 years ago
- A Python, Boto3 script that leverages a forensic volume to attach & mount to a selected instance, run a memory dump, unmount and detach f… ☆12 Updated 4 years ago
- Demonstrates how a malicious dependency could negatively impact the build output. ☆24 Updated last year
- Basic w3af scan in Docker. Can be integrated into CI/CD ☆11 Updated 5 years ago
- Utility that provides an API platform for validating, querying and managing BOM data ☆113 Updated last week
- Creates CycloneDX Software Bill-of-Materials (SBOM) from Go projects. So you can use it with DependencyTrack to monitor security issues i… ☆21 Updated 5 years ago
- Tool that checks for misconfigured access to GitHub OIDC from AWS roles and GCP service accounts ☆61 Updated 2 years ago
- Agile Threat Modeling as Code ☆13 Updated 2 years ago
- https://breaches.cloud ☆39 Updated 7 months ago
- GHAST (GitHub Actions Static Analysis Tool) is a tool to analyze the security posture of your GitHub Actions and its surrounding environm… ☆19 Updated last year