ckotzbauer/sbom-operator

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ckotzbauer/sbom-operator)

ckotzbauer / sbom-operator

Catalogue all images of a Kubernetes cluster to multiple targets with Syft

☆221

Alternatives and similar repositories for sbom-operator

Users that are interested in sbom-operator are comparing it to the libraries listed below

Sorting:

ckotzbauer / vulnerability-operator
View on GitHub
Scans SBOMs for vulnerabilities with Grype
☆85Updated this week
devops-kung-fu / hookz
View on GitHub
Manages client side git hooks resulting in the ability to create git action pipelines.
☆78Jul 5, 2024Updated last year
eBay / sbom-scorecard
View on GitHub
Generate a score for your sbom to understand if it will actually be useful.
☆238Aug 13, 2024Updated last year
controlplaneio / badrobot
View on GitHub
BadRobot - Operator Security Audit Tool
☆225Feb 2, 2026Updated last month
kubernetes-sigs / bom
View on GitHub
A utility to generate SPDX-compliant Bill of Materials manifests
☆443Feb 26, 2026Updated last week
philips-labs / fatt
View on GitHub
fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…
☆11Jan 26, 2026Updated last month
digitalis-io / vals-operator
View on GitHub
Kubernetes Operator to sync secrets between different secret backends and Kubernetes
☆164Feb 10, 2026Updated 3 weeks ago
Qovery / pleco
View on GitHub
Automatically removes Cloud managed services and Kubernetes resources based on tags with TTL
☆227Jan 15, 2026Updated last month
chainguard-dev / vex
View on GitHub
vexctl is a tool to attest VEX impact statements
☆45Mar 27, 2023Updated 2 years ago
IBM / sbom-utility
View on GitHub
This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility
☆60Apr 17, 2023Updated 2 years ago
chainguard-dev / bomshell
View on GitHub
An SBOM query language and associated utilities
☆55Jan 22, 2024Updated 2 years ago
openvex / vexctl
View on GitHub
A tool to create, transform and attest VEX metadata
☆176Updated this week
philips-software / SPDXMerge
View on GitHub
SPDX Merge tool
☆50Updated this week
pete911 / certinfo
View on GitHub
print x509 certificate info
☆242Feb 21, 2026Updated last week
appvia / krane
View on GitHub
Kubernetes RBAC static analysis & visualisation tool
☆739Feb 13, 2026Updated 2 weeks ago
davideshay / vulnscan
View on GitHub
Vulnerability Scanner Suite based on grype and syft from anchore
☆52May 5, 2022Updated 3 years ago
mostafahussein / conceal
View on GitHub
A command line utility that provides a secure method to get your secrets from your existing password manager.
☆62Dec 18, 2022Updated 3 years ago
deislabs / image-layer-provenance
View on GitHub
Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.
☆45Oct 30, 2023Updated 2 years ago
snyk / parlay
View on GitHub
Enrich SBOMs with data from third party services
☆220Feb 11, 2026Updated 3 weeks ago
luhring / example-container-image-supply-chain-security
View on GitHub
Example repository that demonstrates a supply chain security workflow using Syft, Grype, Cosign
☆12Sep 15, 2021Updated 4 years ago
sse-secure-systems / connaisseur
View on GitHub
An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster
☆470Feb 26, 2026Updated last week
onelittlenightmusic / opactl
View on GitHub
A simple tool for converting Rego (OPA) rule into command.
☆30Jun 1, 2022Updated 3 years ago
opensbom-generator / spdx-sbom-generator
View on GitHub
Support CI generation of SBOMs via golang tooling.
☆424Jan 13, 2025Updated last year
stacklok / sigstore-the-hard-way
View on GitHub
sigstore the hard way!
☆118Aug 6, 2025Updated 6 months ago
in-toto / witness
View on GitHub
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
☆517Feb 25, 2026Updated last week
krisnova / kaar
View on GitHub
Kubernetes Application Archive
☆152May 4, 2022Updated 3 years ago
paralus / paralus
View on GitHub
All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.
☆1,175Jan 29, 2026Updated last month
tellerops / helm-teller
View on GitHub
Allows you to manage configuration and secrets from multiple provider while masking the secrets at the deployment
☆70Nov 14, 2022Updated 3 years ago
philips-labs / spiffe-vault
View on GitHub
Integrates Spiffe and Vault to have secretless authentication
☆97Updated this week
giantswarm / dashboards
View on GitHub
All our dashboards for Grafana
☆26Updated this week
nikhilsbhat / helm-drift
View on GitHub
Helm plugin that identifies the configuration that has drifted from the Helm chart
☆82Feb 24, 2026Updated last week
sigstore / gitsign
View on GitHub
Keyless Git signing using Sigstore
☆1,066Updated this week
openclarity / openclarity
View on GitHub
OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure
☆1,450Updated this week
plexsystems / konstraint
View on GitHub
A policy management tool for interacting with Gatekeeper
☆392Nov 20, 2025Updated 3 months ago
chenjiandongx / kubectl-count
View on GitHub
🎊 Count resources by kind
☆40Aug 2, 2022Updated 3 years ago
isa-group / Beet
View on GitHub
Beet is a Daikon front-end and one of the core components of AGORA (Automated Generation of test Oracles for REST APIs), the first approa…
☆46Jan 6, 2026Updated last month
evryfs / sbom-dependency-submission-action
View on GitHub
Submit SBOMs to GitHub's dependency submission API
☆18Dec 4, 2025Updated 3 months ago
o11ydev / oy-toolkit
View on GitHub
☆94Dec 15, 2023Updated 2 years ago
vvrnv / kctxsync
View on GitHub
kctxsync is a command-line tool to sync certificate and key data from a remote Kubernetes cluster's kubeconfig to your local kubeconfig.
☆10Feb 27, 2025Updated last year