chps-dev / chpsLinks
Container Hardening Priorities Specification (CHPS)
☆37Updated 4 months ago
Alternatives and similar repositories for chps
Users that are interested in chps are comparing it to the libraries listed below
Sorting:
- sigstore the hard way!☆115Updated this week
- This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls…☆68Updated 2 weeks ago
- Add CA certificates into containers☆154Updated 3 weeks ago
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆84Updated 3 weeks ago
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆61Updated last week
- approver-policy is a cert-manager approver that allows users to define policies that restrict what certificates can be requested.☆85Updated this week
- Scans SBOMs for vulnerabilities with Grype☆84Updated this week
- Plugin for Helm to integrate the sigstore ecosystem☆65Updated last week
- A Go program to display certificate chains simply and quickly with an easy to remember syntax☆28Updated 9 months ago
- A kubectl plugin to visualize network policies rules.☆96Updated last year
- Trust Dexter to ensure that all your images are pinned by digest for better security☆30Updated last year
- Enterprise Distribution for Flux CD☆77Updated last week
- sigstore installation walkthrough, local☆62Updated last year
- Dynamic GitHub Actions from Wolfi packages☆44Updated 2 months ago
- A pane of glass between you and your Kubernetes clusters.☆46Updated last year
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).☆63Updated this week
- BadRobot - Operator Security Audit Tool☆221Updated 3 weeks ago
- Vulnerability Scanner Suite based on grype and syft from anchore☆52Updated 3 years ago
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.☆67Updated this week
- Catalogue all images of a Kubernetes cluster to multiple targets with Syft☆203Updated this week
- Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-u…☆67Updated this week
- (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆82Updated 2 weeks ago
- A collection of reusable Github Actions workflows.☆135Updated this week
- Inspect certificate authorities in container images☆236Updated this week
- The Helm Charts OCI Proxy, will proxy and transform Helm Chart into OCI images on the fly. Address any Helm Chart as OCI image.☆132Updated 2 months ago
- Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - The detection capabilities can also be us…☆51Updated this week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆98Updated this week
- K8s-shredder - an opinionated way of parking in Kubernetes☆83Updated this week
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆124Updated 3 years ago
- Kubernetes Operator to sync secrets between different secret backends and Kubernetes☆163Updated 3 weeks ago