Alternatives and similar repositories for threat-modelling-zero-trust-talk

Users that are interested in threat-modelling-zero-trust-talk are comparing it to the libraries listed below

• appvia / cosign-keyless-admission-webhook
  Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
  ☆23Updated last week
• rode / rode-legacy
  cloud native software supply chain ☁️🔗
  ☆63Updated 4 years ago
• mattmoor / zero-friction-actions
  An example repo demonstrating keyless signing with Github Actions
  ☆11Updated 3 years ago
• chainguard-dev / github-audit-alerter
  Slack alert bot for matching Github Audit Events
  ☆10Updated 11 months ago
• ChaosInTheCRD / Dexter
  Trust Dexter to ensure that all your images are pinned by digest for better security
  ☆30Updated last year
• developer-guy / container-image-sign-and-verify-with-cosign-and-opa
  This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)
  ☆63Updated 4 years ago
• square / spiffe-aws-assume-role
  This tool allows using a SPIFFE JWT to authenticate to AWS APIs
  ☆34Updated 3 months ago
• sysdiglabs / opa-image-scanner
  Kubernetes Admission Controller for Image Scanning using OPA
  ☆50Updated 2 years ago
• sighupio / container-signature-enforcer
  ☆27Updated 3 years ago
• MattiasGees / spiffe-demo
  Showcasing the potential of SPIFFE with real-life services
  ☆10Updated 2 months ago
• onelittlenightmusic / opactl
  A simple tool for converting Rego (OPA) rule into command.
  ☆31Updated 3 years ago
• chris-short / chkcerts
  A Go program to display certificate chains simply and quickly with an easy to remember syntax
  ☆28Updated 11 months ago
• imjasonh / rbac-audit
  Generate K8s RBAC policies based on e2e test runs
  ☆28Updated 4 years ago
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆45Updated 2 years ago
• ritazh / psp-gatekeeper-policies
  ☆32Updated 5 years ago
• slashben / beat-ac-cosign-verifier
  This is a POC repository showing how a Kubernetes Admission Controller can be made irrelevant when verifying container image signatures
  ☆12Updated 2 years ago
• mattmoor / kind-oidc
  Play with KinD and OIDC volumes
  ☆15Updated 3 years ago
• chainguard-dev / policy-catalog
  ☆20Updated 4 months ago
• ckotzbauer / vulnerability-operator
  Scans SBOMs for vulnerabilities with Grype
  ☆85Updated this week
• Rimurutempestx / Amazon-EKS-Breakdown
  ☆16Updated 2 years ago
• instrumenta / conftest-action
  A GitHub Action for using Conftest
  ☆33Updated 3 years ago
• cmacrae / kove
  Watch your in cluster Kubernetes manifests for OPA policy violations and export them as Prometheus metrics
  ☆48Updated 2 years ago
• mathieu-benoit / istio-gatekeeper-demos
  Demos and resources of the Istio + Gatekeeper talks at IstioCon 2022 and GitOpsCon 2022
  ☆14Updated 2 years ago
• reulan / clairvoyance
  Drift detection and reporting for Terraform.
  ☆27Updated 4 years ago
• mhausenblas / the-container-security-book
  The Container Security Book—a free book for practitioners
  ☆82Updated 5 years ago
• weaveworks / cluster-api-provider-existinginfra
  Manage existing infrastructure with Cluster API using this provider.
  ☆45Updated 3 years ago
• open-policy-agent / library
  The Open Policy Agent project standard library.
  ☆101Updated 2 years ago
• zawachte / etcd-k8s-extract
  etcd-k8s-extract takes in an etcd data directory or db file used in kubernetes, extracts the kubernetes resources and then writes the res…
  ☆36Updated 9 months ago
• alcideio / kaudit
  Alcide Kubernetes Audit Log Analyzer - Alcide kAudit
  ☆36Updated 4 years ago
• chainguard-dev / terraform-provider-oci
  Terraform provider to perform OCI image operations
  ☆14Updated last week