Catalogue all images of a Kubernetes cluster to multiple targets with Syft
☆223Mar 22, 2026Updated this week
Alternatives and similar repositories for sbom-operator
Users that are interested in sbom-operator are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Scans SBOMs for vulnerabilities with Grype☆85Updated this week
- Manages client side git hooks resulting in the ability to create git action pipelines.☆78Jul 5, 2024Updated last year
- BadRobot - Operator Security Audit Tool☆226Feb 2, 2026Updated last month
- Generate a score for your sbom to understand if it will actually be useful.☆239Aug 13, 2024Updated last year
- fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…☆11Updated this week
- Automatically removes Cloud managed services and Kubernetes resources based on tags with TTL☆227Mar 17, 2026Updated last week
- Kubernetes Operator to sync secrets between different secret backends and Kubernetes☆165Feb 10, 2026Updated last month
- A utility to generate SPDX-compliant Bill of Materials manifests☆446Updated this week
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Apr 17, 2023Updated 2 years ago
- print x509 certificate info☆242Mar 6, 2026Updated 2 weeks ago
- Kubernetes RBAC static analysis & visualisation tool☆737Feb 13, 2026Updated last month
- An SBOM query language and associated utilities☆55Jan 22, 2024Updated 2 years ago
- An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster☆470Mar 18, 2026Updated last week
- Example repository that demonstrates a supply chain security workflow using Syft, Grype, Cosign☆12Sep 15, 2021Updated 4 years ago
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆45Oct 30, 2023Updated 2 years ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆519Mar 17, 2026Updated last week
- Vulnerability Scanner Suite based on grype and syft from anchore☆52May 5, 2022Updated 3 years ago
- Integrates Spiffe and Vault to have secretless authentication☆99Updated this week
- Github Action implementation of SLSA Provenance Generation☆50Updated this week
- Kubernetes Application Archive☆152May 4, 2022Updated 3 years ago
- Submit SBOMs to GitHub's dependency submission API☆18Dec 4, 2025Updated 3 months ago
- A tool to create, transform and attest VEX metadata☆178Updated this week
- sigstore the hard way!☆118Aug 6, 2025Updated 7 months ago
- A command line utility that provides a secure method to get your secrets from your existing password manager.☆62Dec 18, 2022Updated 3 years ago
- All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.☆1,182Jan 29, 2026Updated last month
- SPDX Merge tool☆51Mar 2, 2026Updated 3 weeks ago
- Template repository for testing CLI features of applications written in Go☆10Nov 14, 2021Updated 4 years ago
- OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure☆1,453Mar 16, 2026Updated last week
- vexctl is a tool to attest VEX impact statements☆45Mar 27, 2023Updated 2 years ago
- statexec is a versatile command execution tool written in Go that gathers system metrics during the execution of a specified command.☆46Jan 21, 2024Updated 2 years ago
- Enrich SBOMs with data from third party services☆221Feb 11, 2026Updated last month
- 🎊 Count resources by kind☆39Aug 2, 2022Updated 3 years ago
- Keyless Git signing using Sigstore☆1,067Updated this week
- Helm plugin that identifies the configuration that has drifted from the Helm chart☆82Updated this week
- ☆94Dec 15, 2023Updated 2 years ago
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,454Mar 17, 2026Updated last week
- All our dashboards for Grafana☆26Updated this week
- Support CI generation of SBOMs via golang tooling.☆424Jan 13, 2025Updated last year
- Terrap - a powerful CLI tool that scans your infrastructure and identifies any required changes.☆66Dec 5, 2023Updated 2 years ago