chps-dev / chps-scorerLinks
Script to score images against CHPs criteria
☆26Updated this week
Alternatives and similar repositories for chps-scorer
Users that are interested in chps-scorer are comparing it to the libraries listed below
Sorting:
- Kubernetes Stranger Danger☆62Updated last year
- Container Hardening Priorities Specification (CHPS)☆31Updated 2 months ago
- Response Engine for managing threats in your Kubernetes☆163Updated last week
- Github Action to automatically update digests for container images.☆64Updated last month
- Scan GitHub Actions Workflow logs for IOCs☆15Updated 2 weeks ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆100Updated 5 months ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated last year
- Process documentation, non-code deliverables, and miscellaneous artifacts of Kubernetes SIG Security☆210Updated last week
- Run Falco in a GitHub Actions to detect suspicious behavior in your CI/CD☆37Updated 2 weeks ago
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆40Updated 9 months ago
- BadRobot - Operator Security Audit Tool☆221Updated this week
- KBOM - Kubernetes Bill of Materials☆317Updated 3 months ago
- (d)ocker(f)ile (c)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆76Updated 2 weeks ago
- Artifact Ratification Framework (CNCF Sandbox)☆267Updated this week
- A tool to create, transform and attest VEX metadata☆145Updated this week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆98Updated this week
- The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.☆125Updated last month
- Scans SBOMs for vulnerabilities with Grype☆82Updated last week
- OWASP Kubernetes security and compliance tool [WIP]☆106Updated 2 years ago
- All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.☆350Updated last month
- ☆21Updated 7 months ago
- A tool for preventing the installation of malicious PyPI and npm packages☆149Updated this week
- A collection of reusable Github Actions workflows.☆133Updated this week
- Kubernetes audit logging, when you don't control the control plane☆81Updated last week
- Cedar for Kubernetes brings the power of Cedar to Kubernetes authorization and admission validation, showing how cluster administrators c…☆128Updated 2 months ago
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).☆61Updated this week
- GitHub Action for Copacetic: Directly patch container image vulnerabilities☆28Updated last year
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆61Updated this week
- A collection of tools to improve your containerized apps security posture☆143Updated last year
- Kubernetes automated tasks☆18Updated 3 weeks ago