crashappsec / chalkLinks
Chalk allows you to follow code from development, through builds and into production.
☆408Updated this week
Alternatives and similar repositories for chalk
Users that are interested in chalk are comparing it to the libraries listed below
Sorting:
- boostsecurityio/poutine☆341Updated this week
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆815Updated 6 months ago
- select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, r…☆509Updated 2 weeks ago
- Lambda function that streamlines containment of an AWS account compromise☆344Updated last year
- Validate the isolation posture of your container environment.☆301Updated 2 months ago
- CI/CD Security Analyzer☆675Updated 8 months ago
- Open-source best practices for protecting a secure, sensible cloud platform☆128Updated last year
- A list of cloud security tools and vendors.☆180Updated last year
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆498Updated this week
- A Software as a Service (SaaS) log collection framework.☆178Updated 3 weeks ago
- A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs☆418Updated this week
- Gram is Klarna's own threat model diagramming tool☆326Updated 3 weeks ago
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati…☆170Updated 9 months ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆112Updated 2 weeks ago
- Documenting your Threat Models with HCL☆436Updated 2 weeks ago
- Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build …☆446Updated last week
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆153Updated 11 months ago
- An open source, cloud-native security to protect everything from build to runtime☆322Updated last week
- The security workflow engine!☆125Updated last week
- Evaluate source control (GitHub) security posture☆251Updated 2 years ago
- A security layer for Git repositories☆553Updated this week
- SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor…☆188Updated this week
- YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems.☆37Updated last year
- A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalo…☆383Updated last year
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages☆168Updated this week
- Flowpipe is a cloud scripting engine. Automation and workflow to connect your clouds to the people, systems and data that matters.☆443Updated last week
- Awesome secure by default libraries to help you eliminate bug classes!☆700Updated 6 months ago
- OpenVEX Specification☆160Updated 4 months ago
- A universal SBOM representation in protocol buffers☆303Updated last week
- Prevent merging of malicious code in pull requests☆236Updated 7 months ago