cdfoundation / CICD-CybersecurityLinks
CI/CD pipelines are critical touchpoints in modern software development where code-level vulnerabilities, container security, and vulnerability remediation efforts converge. This SIG is dedicated to advancing security tooling within CI/CD pipelines, with a focus on defining best security practices and developing frameworks for secure pipeline.
โ16Updated last week
Alternatives and similar repositories for CICD-Cybersecurity
Users that are interested in CICD-Cybersecurity are comparing it to the libraries listed below
Sorting:
- SIG Software Supply Chainโ16Updated 6 months ago
- ๐Fork for tracking CNCF projectsโ59Updated this week
- ๐CNCF-created tool for analyzing and graphing developer contributionsโ95Updated this week
- in-toto is a framework to secure the software supply chain.โ70Updated 4 months ago
- Docs and Tutorials for Chainguardโ83Updated this week
- (d)ocker(f)ile (c)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.โ65Updated this week
- Scan GitHub Actions Workflow logs for IOCsโ15Updated this week
- โ12Updated last week
- A privacy-focused, local-only security dashboard for monitoring Kubernetes cluster security using eBPF and Cilium. All metrics and data sโฆโ17Updated 5 months ago
- Script to score images against CHPs criteriaโ25Updated this week
- Sources used for the Buoyant Service Mesh Academy, for your entertainment and knowledge, and as a base for getting things done.โ72Updated 3 weeks ago
- โ87Updated this week
- Examples for demonstrating keptn use casesโ22Updated last year
- FINOS Common Cloud Controlsโ49Updated this week
- โ๏ธโฎ๐๐ง The CNCF.io WordPress websiteโ94Updated 3 weeks ago
- CNCF TechDocs Teamโ49Updated last week
- Keptn community content: governance, community management, project infrastructure etc.โ53Updated 3 months ago
- The Linux Foundation Certified GitOps Associate (CGOA) Study Guideโ99Updated 2 weeks ago
- โ52Updated this week
- GitHub Action for Copacetic: Directly patch container image vulnerabilitiesโ28Updated last year
- Kubernetes automated tasksโ18Updated last week
- Documentation for users of Jenkins project infrastructureโ23Updated this week
- โ45Updated this week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for soโฆโ97Updated this week
- A VS Code Extension for Trivyโ138Updated this week
- `yorbox` is a command-line interface (CLI) tool that helps manage tags consistently across infrastructure as code (IaC) frameworks. It isโฆโ33Updated 5 months ago
- Terraform module for OWASP Domain Protect on AWSโ12Updated this week
- Slides and other assets for the re:Invent 2024 KUB trackโ46Updated 5 months ago
- Global Cyber Policy Working Groupโ64Updated this week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alertsโ35Updated 3 weeks ago