communitysec / sbom-hall-of-fameLinks
A place for the InfoSec community to share and celebrate real stories of organizations successfully using SBOMs (and other bills of material) to actually manage and reduce security risk in meaningful ways
☆43Updated last year
Alternatives and similar repositories for sbom-hall-of-fame
Users that are interested in sbom-hall-of-fame are comparing it to the libraries listed below
Sorting:
- Compares and analyzes GCP IAM roles.☆77Updated 7 months ago
- A tool to check the security settings of Github Organizations.☆72Updated 2 years ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆111Updated last month
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages☆165Updated this week
- ☆114Updated last month
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆21Updated 2 years ago
- An SBOM query language and associated utilities☆54Updated last year
- Useful scripts, Docker images, docker-compose apps, and Terraform modules.☆151Updated last week
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Updated 2 years ago
- Documenting your Threat Models with HCL☆433Updated this week
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Updated 2 years ago
- Security Alert Decoration☆27Updated 2 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆32Updated 11 months ago
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆104Updated last year
- Attaché provides an emulation layer for Cloud Provider IMDS APIs☆60Updated last year
- AWS honey token manager☆88Updated last year
- A Golang program to rotate AWS & GCP account keys☆66Updated 4 months ago
- ☆14Updated 3 years ago
- Automated testing, generation & manipulation of #osquery packs☆73Updated 11 months ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆177Updated 10 months ago
- 💅🏽 analyzes your github actions☆94Updated 3 weeks ago
- Scan GitHub Actions Workflow logs for IOCs☆15Updated last week
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆40Updated last year
- prel(iminary) is an application that temporarily assigns Google Cloud IAM Roles and includes an approval process.☆46Updated last week
- This Terraform module consists of the configuration for automating the remediation of AWS EC2 vulnerabilities using AWS Inspector finding…☆49Updated 3 months ago
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆100Updated this week
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …☆119Updated 2 weeks ago
- ☆122Updated 4 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆110Updated 9 months ago
- The security workflow engine!☆122Updated last week