Scans SBOMs for vulnerabilities with Grype
☆85Mar 22, 2026Updated this week
Alternatives and similar repositories for vulnerability-operator
Users that are interested in vulnerability-operator are comparing it to the libraries listed below
Sorting:
- Catalogue all images of a Kubernetes cluster to multiple targets with Syft☆223Mar 15, 2026Updated last week
- Vulnerability Scanner Suite based on grype and syft from anchore☆52May 5, 2022Updated 3 years ago
- Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners☆14Updated this week
- An query language and interactive tooling to work with SBOM data.☆15Oct 7, 2024Updated last year
- Generate a score for your sbom to understand if it will actually be useful.☆239Aug 13, 2024Updated last year
- Example repository that demonstrates a supply chain security workflow using Syft, Grype, Cosign☆12Sep 15, 2021Updated 4 years ago
- A tool to create, transform and attest VEX metadata☆178Updated this week
- Easily run Conftest, pull remote policies, surface the results, and obtain test metrics☆12Oct 2, 2025Updated 5 months ago
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆64Updated this week
- vexctl is a tool to attest VEX impact statements☆45Mar 27, 2023Updated 2 years ago
- Takes a software bill of materials and outputs provenance, and activity data from trustypkg.dev☆10May 19, 2025Updated 10 months ago
- Kontinuous - GitOps for Kubernetes 🥷☆11Updated this week
- A utility to generate SPDX-compliant Bill of Materials manifests☆446Updated this week
- GitHub Action for creating software bill of materials using Syft.☆227Updated this week
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Apr 17, 2023Updated 2 years ago
- Supply Chain Integrity Model☆106Jun 12, 2023Updated 2 years ago
- 🔴🟡🟢 The Amazing Multipurpose Policy Engine (and L)☆40Updated this week
- ☆63Updated this week
- ☆17Jan 11, 2022Updated 4 years ago
- SBOM Move - Automate build and transfer of SBOMs across systems☆25Mar 16, 2026Updated last week
- Transparenty Immutable Container Image Tags☆20Jul 5, 2023Updated 2 years ago
- A simple, powerful, and extensible Go logging framework suitable for stylized command line utilities and multi-writer logging☆23Aug 13, 2024Updated last year
- Vulnerability scanning just got lazier☆319Updated this week
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆271Updated this week
- tutorials made for @cryptoparty & other security/teaching stuff☆12Jan 17, 2016Updated 10 years ago
- Visualizer for GUAC☆30Updated this week
- Enrich SBOMs with data from third party services☆221Feb 11, 2026Updated last month
- ☆50Updated this week
- Kubernetes Admission Controller for Image Scanning using OPA☆50Sep 18, 2023Updated 2 years ago
- GitHub Action to check Docker system status in your workflow☆12Mar 14, 2026Updated last week
- A collection of tools to improve your containerized apps security posture☆152May 26, 2024Updated last year
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆125Dec 2, 2021Updated 4 years ago
- The plumber you'll hire to install all your Kubernetes network plumbing☆23Oct 17, 2025Updated 5 months ago
- A kubectl plugin to explore ingresses -> services -> workloads☆16Jun 1, 2020Updated 5 years ago
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…☆770Dec 11, 2024Updated last year
- Dynamic GitHub Actions from Wolfi packages☆44May 15, 2025Updated 10 months ago
- Store and access your secrets the Kubernetes native way with any external KMS.☆180Sep 15, 2023Updated 2 years ago
- Terraform configuration for the Atlas Terraform Tutorial☆17Feb 20, 2026Updated last month
- Sigstore OIDC PKI☆814Mar 16, 2026Updated last week