ckotzbauer/vulnerability-operator

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ckotzbauer/vulnerability-operator)

ckotzbauer / vulnerability-operator

Scans SBOMs for vulnerabilities with Grype

☆85

Alternatives and similar repositories for vulnerability-operator

Users that are interested in vulnerability-operator are comparing it to the libraries listed below

Sorting:

ckotzbauer / sbom-operator
View on GitHub
Catalogue all images of a Kubernetes cluster to multiple targets with Syft
☆221Feb 21, 2026Updated last week
davideshay / vulnscan
View on GitHub
Vulnerability Scanner Suite based on grype and syft from anchore
☆52May 5, 2022Updated 3 years ago
anchore / vulnerability-match-labels
View on GitHub
Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners
☆14Updated this week
puerco / bomshell
View on GitHub
An query language and interactive tooling to work with SBOM data.
☆15Oct 7, 2024Updated last year
YubicoLabs / action-conftest
View on GitHub
Easily run Conftest, pull remote policies, surface the results, and obtain test metrics
☆12Oct 2, 2025Updated 5 months ago
luhring / example-container-image-supply-chain-security
View on GitHub
Example repository that demonstrates a supply chain security workflow using Syft, Grype, Cosign
☆12Sep 15, 2021Updated 4 years ago
fjogeleit / trivy-operator-polr-adapter
View on GitHub
Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports
☆63Feb 23, 2026Updated last week
chainguard-dev / vex
View on GitHub
vexctl is a tool to attest VEX impact statements
☆45Mar 27, 2023Updated 2 years ago
eBay / sbom-scorecard
View on GitHub
Generate a score for your sbom to understand if it will actually be useful.
☆238Aug 13, 2024Updated last year
microsoft / scim
View on GitHub
Supply Chain Integrity Model
☆106Jun 12, 2023Updated 2 years ago
kelseyhightower / buildinfo-example
View on GitHub
☆17Jan 11, 2022Updated 4 years ago
IBM / sbom-utility
View on GitHub
This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility
☆60Apr 17, 2023Updated 2 years ago
kubernetes-sigs / bom
View on GitHub
A utility to generate SPDX-compliant Bill of Materials manifests
☆443Updated this week
chainguard-dev / tlogistry
View on GitHub
Transparenty Immutable Container Image Tags
☆20Jul 5, 2023Updated 2 years ago
openvex / vexctl
View on GitHub
A tool to create, transform and attest VEX metadata
☆176Updated this week
sigstore / sget
View on GitHub
☆23Mar 13, 2023Updated 2 years ago
appvia / cosign-keyless-admission-webhook
View on GitHub
Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
☆24Feb 19, 2026Updated last week
guacsec / guac
View on GitHub
GUAC aggregates software security metadata into a high fidelity graph database.
☆1,450Updated this week
devops-kung-fu / trustier
View on GitHub
Takes a software bill of materials and outputs provenance, and activity data from trustypkg.dev
☆10May 19, 2025Updated 9 months ago
open-policy-agent / gatekeeper-external-data-provider
View on GitHub
A template repository for building external data providers for Gatekeeper.
☆12Aug 14, 2023Updated 2 years ago
crazy-max / ghaction-docker-status
View on GitHub
GitHub Action to check Docker system status in your workflow
☆12Updated this week
SocialGouv / kontinuous
View on GitHub
Kontinuous - GitOps for Kubernetes 🥷
☆11Feb 9, 2026Updated 3 weeks ago
wlynch / smimecosign
View on GitHub
Keyless Git signing with cosign!
☆11May 12, 2022Updated 3 years ago
chrisns / cosign-keyless-demo
View on GitHub
Proof of concept that uses cosign and GitHub's in built OIDC for actions to sign container images, providing a proof that what is in the …
☆14Jan 31, 2023Updated 3 years ago
sysdiglabs / opa-image-scanner
View on GitHub
Kubernetes Admission Controller for Image Scanning using OPA
☆50Sep 18, 2023Updated 2 years ago
flux-subsystem-argo / fsa
View on GitHub
Flux Subsystem for Argo - Patch Repository
☆13Mar 29, 2024Updated last year
kaidotdev / kube-trivy-exporter
View on GitHub
KubeTrivyExporter is Prometheus Exporter that collects all vulnerabilities detected by aquasecurity/trivy in the kubernetes cluster.
☆50Feb 25, 2023Updated 3 years ago
anchore / grype-db
View on GitHub
☆62Updated this week
kinvolk / seccompagent
View on GitHub
agent for handling seccomp descriptors for container runtimes
☆47Feb 1, 2024Updated 2 years ago
owenrumney / lazytrivy
View on GitHub
Vulnerability scanning just got lazier
☆319Updated this week
anchore / grant
View on GitHub
A license scanner for container images and filesystems.
☆143Updated this week
jsotiro / docker-multiscan
View on GitHub
A multi scanner for docker images. It drives Clair, Anchore, Trivy, Snyk, Grype, AWS ECR scans and consolidates the results.
☆14Jun 23, 2023Updated 2 years ago
EgeKaanGurkan / k8sc
View on GitHub
A CLI application to make the use of "kubectl" more convenient
☆12Aug 22, 2022Updated 3 years ago
kubewarden / verify-image-signatures
View on GitHub
A Kubewarden Policy that verifies all the signatures of the container images referenced by a Pod
☆13Jan 20, 2026Updated last month
alcideio / skan
View on GitHub
Scan Kubernetes resource files , and helm charts for security configurations issues and best practices.
☆205Mar 3, 2023Updated 2 years ago
mathieu-benoit / istio-gatekeeper-demos
View on GitHub
Demos and resources of the Istio + Gatekeeper talks at IstioCon 2022 and GitOpsCon 2022
☆14Sep 4, 2023Updated 2 years ago
leodido / falco-diagrams
View on GitHub
Diagrams to visually learn Falco and its eBPF probe
☆15Jun 24, 2021Updated 4 years ago
imjasonh / rbac-audit
View on GitHub
Generate K8s RBAC policies based on e2e test runs
☆28Jul 6, 2021Updated 4 years ago
wallarm / sysbindings
View on GitHub
sysctl/sysfs settings on a fly for Kubernetes Cluster. No restarts are required for clusters and nodes.
☆19Aug 24, 2022Updated 3 years ago