crashappsec / chalk
Chalk allows you to follow code from development, through builds and into production.
☆388 Updated this week
Alternatives and similar repositories for chalk
Users who are interested in chalk are comparing it to the libraries listed below:
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro… ☆491 Updated last week
- boostsecurityio/poutine ☆308 Updated this week
- A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs ☆404 Updated this week
- A security layer for Git repositories ☆536 Updated last week
- A multi-vault secret injection tool for safely injecting secrets into app environment ☆127 Updated last month
- Evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more ☆477 Updated this week
- CI/CD Security Analyzer ☆663 Updated 5 months ago
- Evaluate source control (GitHub) security posture ☆252 Updated 2 years ago
- Validate the isolation posture of your container environment. ☆296 Updated this week
- A list of cloud security tools and vendors. ☆174 Updated 11 months ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and… ☆152 Updated 8 months ago
- Open-source best practices for protecting a secure, sensible cloud platform ☆126 Updated 9 months ago
- A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalo… ☆382 Updated 10 months ago
- CLI that scans directories for Cloud Provider SDK usage generates the IAM Policies/Permissions needed ☆76 Updated 9 months ago
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati… ☆170 Updated 6 months ago
- Software Supply Chain Security Platform ☆345 Updated this week
- Gram is Klarna's own threat model diagramming tool ☆322 Updated last week
- A tool for preventing the installation of malicious npm and PyPI packages ☆153 Updated this week
- Simple plug-and-play GitHub Action to block unauthorized outbound traffic (egress) in your GitHub workflows ☆110 Updated 2 weeks ago
- Documenting your Threat Models with HCL ☆432 Updated 2 months ago
- SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor… ☆148 Updated this week
- A universal SBOM representation in protocol buffers ☆296 Updated 3 weeks ago
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets ☆813 Updated 4 months ago
- ☆70 Updated last week
- OpenVEX Specification ☆155 Updated 2 months ago
- AWS honey token manager ☆87 Updated last year
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene… ☆104 Updated last year
- Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build … ☆422 Updated this week
- YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems. ☆36 Updated last year
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system. ☆174 Updated 8 months ago