crashappsec / chalk
Chalk allows you to follow code from development, through builds and into production.
☆376 Updated last week
Alternatives and similar repositories for chalk
Users that are interested in chalk are comparing it to the libraries listed below
- A Software as a Service (SaaS) log collection framework. ☆170 Updated last week
- A universal SBOM representation in protocol buffers ☆288 Updated this week
- boostsecurityio/poutine ☆279 Updated this week
- Gram is Klarna's own threat model diagramming tool ☆319 Updated 2 weeks ago
- Evaluate source control (GitHub) security posture ☆249 Updated 2 years ago
- Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build … ☆391 Updated last week
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and… ☆149 Updated 6 months ago
- A list of cloud security tools and vendors. ☆166 Updated 8 months ago
- Documenting your Threat Models with HCL ☆430 Updated this week
- Open-source best practices for protecting a secure, sensible cloud platform ☆125 Updated 7 months ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro… ☆482 Updated this week
- Lambda function that streamlines containment of an AWS account compromise ☆345 Updated last year
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments. ☆285 Updated 9 months ago
- A multi-vault secret injection tool for safely injecting secrets into app environment ☆125 Updated last month
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021. ☆518 Updated 3 months ago
- A security layer for Git repositories ☆525 Updated this week
- Generate a score for your sbom to understand if it will actually be useful. ☆229 Updated 9 months ago
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm… ☆748 Updated 5 months ago
- CI/CD Security Analyzer ☆658 Updated 3 months ago
- Validate the isolation posture of your container environment. ☆279 Updated 2 weeks ago
- Awesome secure by default libraries to help you eliminate bug classes! ☆691 Updated last month
- select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, r… ☆434 Updated this week
- Flowpipe is a cloud scripting engine. Automation and workflow to connect your clouds to the people, systems and data that matters. ☆419 Updated last month
- A tool to check the security settings of GitHub Organizations. ☆71 Updated last year
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets ☆809 Updated 2 months ago
- Evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more ☆455 Updated this week
- Open source compliance tool for development platforms. ☆286 Updated last year
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system. ☆172 Updated 6 months ago
- Cloud Commotion intends to cause chaos to simulate security incidents ☆144 Updated 11 months ago
- AWS honey token manager ☆87 Updated 10 months ago