cdfoundation / CICD-CybersecurityLinks
CI/CD pipelines are critical touchpoints in modern software development where code-level vulnerabilities, container security, and vulnerability remediation efforts converge. This SIG is dedicated to advancing security tooling within CI/CD pipelines, with a focus on defining best security practices and developing frameworks for secure pipeline.
☆22Updated 2 weeks ago
Alternatives and similar repositories for CICD-Cybersecurity
Users that are interested in CICD-Cybersecurity are comparing it to the libraries listed below
Sorting:
- SIG Software Supply Chain☆16Updated last year
- 📜Fork for tracking CNCF projects☆67Updated this week
- 📈CNCF-created tool for analyzing and graphing developer contributions☆113Updated this week
- Instructions and scripts how to deploy Keptn on K3s☆29Updated 2 years ago
- This is the source repository for https://bestpractices.cd.foundation☆14Updated last year
- Docs and Tutorials for Chainguard☆86Updated last week
- Static Code Analyser for Infrastructure-as-Code languages such as CloudFormation and Terraform as well as DevOps like Docker and Kuberne…☆56Updated this week
- CLOMonitor is a tool that periodically checks open source projects repositories to verify they meet certain project health best practices☆145Updated this week
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…☆218Updated 6 months ago
- Documentation for users of Jenkins project infrastructure☆23Updated last week
- GitHub Action for creating software bill of materials using Syft.☆210Updated last week
- Examples for demonstrating keptn use cases☆22Updated last year
- A VS Code Extension for Trivy☆152Updated this week
- ☆11Updated last year
- Examples of SPDX files for software combinations☆139Updated 2 weeks ago
- Jenkins Infrastructure Kubernetes Management☆61Updated this week
- Terrascan GitHub action. Scan infrastructure as code including Terraform, Kubernetes, Helm, and Kustomize file for security best practice…☆64Updated 11 months ago
- ☆30Updated this week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆103Updated this week
- All Aqua deployments options and aquactl configuration☆62Updated last month
- Interactions with the CDF Staff and Board☆34Updated 5 months ago
- Use Snyk to find and fix vulnerabilities in your Kubernetes workloads☆93Updated last week
- The Aqua Security Provider for Terraform allows you to declaratively define the configuration of your Aqua platform.☆37Updated last week
- GitHub actions of KICS scan - Keeping Infrastructure as Code Secure☆52Updated this week
- Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.☆74Updated last week
- in-toto is a framework to secure the software supply chain.☆71Updated this week
- A Github Action to automatically update digests for container images.☆79Updated 2 weeks ago
- Backstage Software Templates for creating a new software component☆166Updated last month
- CDF Events Special Interest Group☆51Updated last year
- Scenario examples for Killercoda.com☆119Updated last year