cbomkit / cbomkit-theiaLinks
A tool for detecting cryptographic assets in container images and directories, and generating CBOMs.
☆20Updated last week
Alternatives and similar repositories for cbomkit-theia
Users that are interested in cbomkit-theia are comparing it to the libraries listed below
Sorting:
- A toolset for dealing with Cryptography Bill of Materials (CBOM)☆55Updated this week
- This repository contains a SonarQube Plugin that detects cryptographic assets in source code and generates CBOM.☆48Updated this week
- Software Supply Chain Security Platform☆358Updated this week
- A standard API specification for exchanging supply chain artifacts and intelligence☆90Updated 2 weeks ago
- in-toto is a framework to secure the software supply chain.☆71Updated 10 months ago
- Format agnostic SBOM tooling☆121Updated last week
- Validate the isolation posture of your container environment.☆303Updated 3 months ago
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆246Updated 3 weeks ago
- A tool to create, transform and attest VEX metadata☆164Updated 2 weeks ago
- Visualizer for GUAC☆28Updated 2 months ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated last year
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆503Updated this week
- SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor…☆190Updated this week
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …☆122Updated last month
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆103Updated this week
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆103Updated last year
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities☆103Updated last year
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes☆73Updated 7 months ago
- Specification and other related documents.☆47Updated 10 months ago
- SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more☆511Updated this week
- ☆115Updated last week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆111Updated 10 months ago
- ☆251Updated last week
- Scan GitHub Actions Workflow logs for IOCs☆15Updated last month
- Response Engine for managing threats in your Kubernetes☆180Updated last week
- KBOM - Kubernetes Bill of Materials☆322Updated 3 months ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆74Updated 2 years ago
- sbomify is a product security artifact management platform.☆38Updated this week
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆40Updated last year
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆59Updated 9 months ago