chainguard-dev / malcontentLinks
#supply #chain #attack #detection
☆542Updated this week
Alternatives and similar repositories for malcontent
Users that are interested in malcontent are comparing it to the libraries listed below
Sorting:
- Validate the isolation posture of your container environment.☆297Updated 2 weeks ago
- boostsecurityio/poutine☆309Updated last week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆492Updated last week
- A security layer for Git repositories☆537Updated 2 weeks ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆327Updated this week
- A tool for preventing the installation of malicious npm and PyPI packages☆158Updated this week
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆110Updated this week
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …☆116Updated 3 months ago
- OpenVEX Specification☆156Updated 2 months ago
- Tool for building Kubernetes attack paths☆902Updated last month
- Gram is Klarna's own threat model diagramming tool☆324Updated last month
- Documenting your Threat Models with HCL☆433Updated 3 months ago
- BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generato…☆398Updated 2 weeks ago
- A reading list for software supply-chain security.☆363Updated 2 years ago
- Runtime Security Solution for your CI/CD Pipeline☆108Updated 2 months ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆536Updated 6 months ago
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆795Updated last week
- GitHub Actions Pipeline Enumeration and Attack Tool☆701Updated 2 months ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated last year
- A curated list of resources about detecting threats and defending Kubernetes systems.☆392Updated last year
- CI/CD Security Analyzer☆668Updated 6 months ago
- A tool to create, transform and attest VEX metadata☆152Updated this week
- App that simplifies building decision trees to model adverse scenarios☆216Updated last year
- Format agnostic SBOM tooling☆116Updated 2 weeks ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆152Updated 9 months ago
- OSV-SCALIBR: A library for Software Composition Analysis☆472Updated this week
- A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs☆406Updated last week
- Kubernetes focused container assessment and context discovery tool for penetration testing☆464Updated last year
- Enrich SBOMs with data from third party services☆189Updated this week
- Generate a score for your sbom to understand if it will actually be useful.☆233Updated last year