carbonetes / brainiacLinks
BrainIAC uses static code analysis to analyze IAC code to detect security issues before deployment. This tool can scan for issues like security policy misconfigurations, insecure cloud-based services, and compliance issues.
☆71Updated last year
Alternatives and similar repositories for brainiac
Users that are interested in brainiac are comparing it to the libraries listed below
Sorting:
- Generates SBOMs for container images, filesystems, archives, and more to Discover packages and libraries Highly scalable data pipelines f…☆109Updated 5 months ago
- A Github Action that utilizes Diggity to generate software bill-of-materials (SBOM).☆14Updated 2 years ago
- ☆18Updated 5 months ago
- A Golang program to rotate AWS & GCP account keys☆65Updated 7 months ago
- Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security, Identity & Compliance Services to Support your AWS Accoun…☆16Updated 5 years ago
- A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.☆199Updated 2 years ago
- An OPA library to develop IT Control policies, for the IBM Cloud☆17Updated 3 years ago
- Examples, samples, snippets and scripts to use with Steampipe.☆52Updated last year
- The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the…☆41Updated 2 years ago
- Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.☆54Updated last week
- NIST OSCAL SDK and CLI☆38Updated 5 years ago
- Use SQL to instantly query DNS records, certificates and other network information. Open source CLI. No DB required.☆26Updated 2 months ago
- Slack alert bot for matching Github Audit Events☆10Updated last year
- Use SQL to instantly query GCP resources across regions, projects and organizations. Open source CLI. No DB required.☆44Updated 2 weeks ago
- Privateer is a plugin-based framework to validate the status of deployed resources.☆16Updated this week
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆60Updated 2 years ago
- A schema and set of tools for using SQL to query cloud infrastructure.☆65Updated 4 years ago
- a tool to audit the istio service mesh☆173Updated 4 years ago
- Mitigations (AWS WAF, Lambda@Edge/CloudFront Functions) to implement on AWS to attempt to prevent log4j exploitation.☆22Updated 3 years ago
- Create and destroy bastions on demand with Fargate.☆64Updated 4 years ago
- Lint your Rego policies inside of Visual Studio Code☆16Updated last year
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- Use SQL to instantly query Oracle Cloud resources across regions and accounts. Open source CLI. No DB required.☆19Updated 2 weeks ago
- View dashboards and reports across all of your AWS accounts using Powerpipe and Steampipe.☆98Updated 5 months ago
- Static analysis tool to Identify and Fix GitHub Actions prone to Supply‑Chain Risks☆14Updated 5 months ago
- PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…☆60Updated 3 years ago
- Creates a CloudFormation stack for running Security Monkey☆27Updated 6 years ago
- A framework for understanding the capabilities of automated detection methods at identifying classes of application security vulnerabilit…☆32Updated 2 weeks ago
- The Auditree framework tool to run compliance control checks as unit tests.☆73Updated last year
- in-toto is a framework to secure the software supply chain.☆71Updated 2 weeks ago