The Compliance Validator
☆184Mar 2, 2026Updated last week
Alternatives and similar repositories for lula1
Users that are interested in lula1 are comparing it to the libraries listed below
Sorting:
- Repository for the generation of OSCAL data types☆28Updated this week
- Type safe K8s middleware for humans☆222Mar 1, 2026Updated last week
- ☆45Updated this week
- OSCAL and Kyverno Policy Demo for AWS☆16Aug 16, 2023Updated 2 years ago
- 🏭 UDS Software Factory Integration / Wayfinding Repo☆19Jan 7, 2026Updated 2 months ago
- The Airgap Native Package Manager for Kubernetes☆1,831Updated this week
- A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.☆211Jun 25, 2025Updated 8 months ago
- ☆16May 15, 2024Updated last year
- Common framework for UDS Packages☆12Updated this week
- A @kubernetes/client-node fluent API wrapper that leverages K8s Server Side Apply for use with https://pepr.dev☆27Updated this week
- A case study for ACSAC 2022 utilizing OSCAL with a custom GitHub action to automate assessments.☆23Mar 1, 2023Updated 3 years ago
- Open Security Controls Assessment Language Toolbox☆17Feb 4, 2026Updated last month
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆518Updated this week
- NIST OSCAL SDK and CLI☆22Feb 1, 2026Updated last month
- An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.☆237Updated this week
- ☆16May 14, 2025Updated 9 months ago
- vexctl is a tool to attest VEX impact statements☆45Mar 27, 2023Updated 2 years ago
- A CLI tool for creating secure by design/default source repos.☆28Jul 29, 2024Updated last year
- A simple open source command line tool to support common operations over OSCAL content.☆61Dec 19, 2025Updated 2 months ago
- Open Security Controls Assessment Language (OSCAL)☆853Updated this week
- Scripts to import OSCAL example content into the Neo4J graph database☆32Jan 28, 2023Updated 3 years ago
- ☆23Oct 26, 2021Updated 4 years ago
- Develop Enhancements, Future Implementations and New Education☆15Nov 27, 2023Updated 2 years ago
- ☆12May 2, 2023Updated 2 years ago
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆108Mar 2, 2026Updated last week
- ☆76Dec 10, 2025Updated 2 months ago
- Privateer is a plugin-based framework for security & compliance evaluations.☆18Mar 2, 2026Updated last week
- Supply Chain Query Tool☆13May 25, 2022Updated 3 years ago
- An query language and interactive tooling to work with SBOM data.☆15Oct 7, 2024Updated last year
- A repository containing OSCAL serializations of the CIS Critical Security Controls☆61Mar 20, 2025Updated 11 months ago
- This repo is a living document of company culture and values.☆21Sep 8, 2025Updated 6 months ago
- SBOM Move - Automate build and transfer of SBOMs across systems☆25Mar 2, 2026Updated last week
- A tool to create, transform and attest VEX metadata☆176Mar 2, 2026Updated last week
- The CNCF Public Sector User Group aims to serve as a hub for discussing and advancing cloud computing within the public sector, utilizing…☆34Feb 19, 2026Updated 2 weeks ago
- Helm Chart for deploying GUAC☆18Feb 23, 2026Updated 2 weeks ago
- A place for policy work group related proposals and prototypes.☆65May 21, 2025Updated 9 months ago
- Friends of in-toto! A place to record integrations and adoptions of the in-toto specification.☆21Mar 2, 2026Updated last week
- A workflow automation tool for compliance content authoring☆22Updated this week
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆145Feb 27, 2026Updated last week