coreinfrastructure/best-practices-badge external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

coreinfrastructure/best-practices-badge

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/coreinfrastructure/best-practices-badge)

Close

coreinfrastructure / best-practices-badgeView on GitHubMore

• External links
• Readme badge

🏆Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)

☆1,336May 25, 2026Updated this week

Alternatives and similar repositories for best-practices-badge

Users that are interested in best-practices-badge are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ossf / census

  View on GitHub
  📜Automated review of open source software projects
  ☆122Dec 6, 2024Updated last year
• ossf / scorecard

  View on GitHub
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,455May 19, 2026Updated last week
• todogroup / awesome-ospo

  View on GitHub
  Curated list of awesome tools for managing open source programs
  ☆501Apr 9, 2026Updated last month
• koalaman / shellcheck

  View on GitHub
  ShellCheck, a static analysis tool for shell scripts
  ☆39,473May 16, 2026Updated last week
• quay / clair

  View on GitHub
  Vulnerability Static Analysis for Containers
  ☆10,980Updated this week
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• google / oss-fuzz

  View on GitHub
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆12,280Updated this week
• librariesio / libraries.io

  View on GitHub
  The Open Source Discovery Service
  ☆1,151May 18, 2026Updated last week
• ossf / wg-best-practices-os-developers

  View on GitHub
  The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…
  ☆1,026Updated this week
• philips-software / spdx-action

  View on GitHub
  GitHub Action to get a license overview in SPDX format
  ☆14Dec 24, 2021Updated 4 years ago
• linuxkit / linuxkit

  View on GitHub
  A toolkit for building secure, portable and lean operating systems for containers
  ☆8,613Mar 27, 2026Updated last month
• docker / docker-bench-security

  View on GitHub
  The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio…
  ☆9,639Oct 21, 2024Updated last year
• analysis-tools-dev / static-analysis

  View on GitHub
  ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The foc…
  ☆14,552May 18, 2026Updated last week
• todogroup / repolinter

  View on GitHub
  Repolinter, The Open Source Repository Linter
  ☆463Feb 6, 2026Updated 3 months ago
• notaryproject / notary

  View on GitHub
  Notary is a project that allows anyone to have trust over arbitrary collections of data
  ☆3,289Aug 7, 2024Updated last year
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• slsa-framework / slsa

  View on GitHub
  Supply-chain Levels for Software Artifacts
  ☆1,868May 18, 2026Updated last week
• sustainers / sustainers.github.io

  View on GitHub
  The sustainoss.org website
  ☆34May 12, 2026Updated 2 weeks ago
• vmware-tanzu / sonobuoy

  View on GitHub
  Sonobuoy is a diagnostic tool that makes it easier to understand the state of a Kubernetes cluster by running a set of Kubernetes conform…
  ☆3,039Nov 25, 2025Updated 6 months ago
• lfit / itpol

  View on GitHub
  Useful IT policies
  ☆4,892Jan 23, 2024Updated 2 years ago
• aveloxis / OCDX-Specification

  View on GitHub
  Specification to describe the minimum information standard for online community data. Guidelines for describing data about online communi…
  ☆11Apr 11, 2026Updated last month
• google / gvisor

  View on GitHub
  Application Kernel for Containers
  ☆18,370Updated this week
• nayafia / lemonade-stand

  View on GitHub
  A handy guide to financial support for open source
  ☆7,665Aug 6, 2025Updated 9 months ago
• CISOfy / lynis

  View on GitHub
  Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and sys…
  ☆15,675May 11, 2026Updated 2 weeks ago
• ossf / scorecard-monitor

  View on GitHub
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆48May 11, 2026Updated 2 weeks ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• falcosecurity / falco

  View on GitHub
  Cloud Native Runtime Security
  ☆8,958May 19, 2026Updated last week
• hadolint / hadolint

  View on GitHub
  Dockerfile linter, validate inline bash, written in Haskell
  ☆12,145Updated this week
• GoogleContainerTools / distroless

  View on GitHub
  🥑 Language focused docker images, minus the operating system.
  ☆22,638Updated this week
• getsops / sops

  View on GitHub
  Simple and flexible tool for managing secrets
  ☆21,867May 18, 2026Updated last week
• ossf / security-insights

  View on GitHub
  Machine-readable specification for the attestation of security-relevant data.
  ☆75May 11, 2026Updated 2 weeks ago
• freach / kubernetes-security-best-practice

  View on GitHub
  Kubernetes Security - Best Practice Guide
  ☆2,716Sep 11, 2019Updated 6 years ago
• todogroup / governance

  View on GitHub
  TODO Group Governance
  ☆99Apr 15, 2026Updated last month
• sstephenson / bats

  View on GitHub
  Bash Automated Testing System
  ☆7,110Sep 27, 2019Updated 6 years ago
• ossf / criticality_score

  View on GitHub
  Gives criticality score for an open source project
  ☆1,429Dec 2, 2025Updated 5 months ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• sigstore / cosign

  View on GitHub
  Code signing and transparency for containers and binaries
  ☆5,934Updated this week
• containers / skopeo

  View on GitHub
  Work with remote images registries - retrieving information, images, signing content
  ☆10,881May 18, 2026Updated last week
• gravitational / teleport

  View on GitHub
  The easiest, and most secure way to access and protect all of your infrastructure.
  ☆20,344May 18, 2026Updated last week
• kubernetes / kops

  View on GitHub
  Kubernetes Operations (kOps) - Production Grade k8s Installation, Upgrades and Management
  ☆16,614Updated this week
• nayafia / contributing-template

  View on GitHub
  Template for writing your own contributing guide
  ☆735May 24, 2022Updated 4 years ago
• awslabs / git-secrets

  View on GitHub
  Prevents you from committing secrets and credentials into git repositories
  ☆13,315Sep 17, 2025Updated 8 months ago
• bdfinst / interactive-cd

  View on GitHub
  Interactive CD dependency diagram
  ☆31Feb 15, 2026Updated 3 months ago