Alternatives and similar repositories for threat-modelling-zero-trust-talk

Users that are interested in threat-modelling-zero-trust-talk are comparing it to the libraries listed below

• appvia / cosign-keyless-admission-webhook
  Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
  ☆24Updated this week
• rode / rode-legacy
  cloud native software supply chain ☁️🔗
  ☆64Updated 4 years ago
• ritazh / psp-gatekeeper-policies
  ☆32Updated 5 years ago
• chainguard-dev / github-audit-alerter
  Slack alert bot for matching Github Audit Events
  ☆10Updated 11 months ago
• square / spiffe-aws-assume-role
  This tool allows using a SPIFFE JWT to authenticate to AWS APIs
  ☆34Updated 3 months ago
• mhausenblas / the-container-security-book
  The Container Security Book—a free book for practitioners
  ☆82Updated 5 years ago
• imjasonh / rbac-audit
  Generate K8s RBAC policies based on e2e test runs
  ☆28Updated 4 years ago
• mattmoor / zero-friction-actions
  An example repo demonstrating keyless signing with Github Actions
  ☆11Updated 3 years ago
• ChaosInTheCRD / Dexter
  Trust Dexter to ensure that all your images are pinned by digest for better security
  ☆31Updated 2 years ago
• sighupio / container-signature-enforcer
  ☆27Updated 3 years ago
• developer-guy / container-image-sign-and-verify-with-cosign-and-opa
  This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)
  ☆63Updated 4 years ago
• onelittlenightmusic / opactl
  A simple tool for converting Rego (OPA) rule into command.
  ☆31Updated 3 years ago
• garethr / snyky
  A known vulnerable Flask app with an excessive amount of automated testing
  ☆13Updated last month
• chainguard-dev / policy-catalog
  ☆20Updated 5 months ago
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆45Updated 2 years ago
• hasheddan / veneer
  A library for representing OCI image layers in an abstract filesystem
  ☆27Updated 5 years ago
• slashben / beat-ac-cosign-verifier
  This is a POC repository showing how a Kubernetes Admission Controller can be made irrelevant when verifying container image signatures
  ☆12Updated 2 years ago
• mathieu-benoit / istio-gatekeeper-demos
  Demos and resources of the Istio + Gatekeeper talks at IstioCon 2022 and GitOpsCon 2022
  ☆14Updated 2 years ago
• tstromberg / sigstore-the-local-way
  sigstore installation walkthrough, local
  ☆63Updated last year
• abstractinfrastructure / sigstore-intro-tutorial
  ☆15Updated 2 years ago
• mattermost / builder
  Mattermost builder
  ☆11Updated 3 years ago
• sysdiglabs / opa-image-scanner
  Kubernetes Admission Controller for Image Scanning using OPA
  ☆50Updated 2 years ago
• chris-short / chkcerts
  A Go program to display certificate chains simply and quickly with an easy to remember syntax
  ☆28Updated last year
• open-policy-agent / library
  The Open Policy Agent project standard library.
  ☆102Updated 2 years ago
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated last year
• Rimurutempestx / Amazon-EKS-Breakdown
  ☆16Updated 2 years ago
• alcideio / pipeline
  Alcide Kubernetes Advisor ... Cluster Hygiene & Security Scanner - Pipeline Integration
  ☆29Updated 3 years ago
• mattmoor / kind-oidc
  Play with KinD and OIDC volumes
  ☆15Updated 4 years ago
• ckotzbauer / vulnerability-operator
  Scans SBOMs for vulnerabilities with Grype
  ☆85Updated last week
• cmacrae / kove
  Watch your in cluster Kubernetes manifests for OPA policy violations and export them as Prometheus metrics
  ☆48Updated 2 years ago