falcosecurity / falco-actions
Run Falco in a GitHub Actions to detect suspicious behavior in your CI/CD
☆32Updated last month
Alternatives and similar repositories for falco-actions
Users that are interested in falco-actions are comparing it to the libraries listed below
Sorting:
- Kubernetes audit logging, when you don't control the control plane☆77Updated last week
- Response Engine for managing threats in your Kubernetes☆159Updated 2 weeks ago
- Github Action to automatically update digests for container images.☆58Updated 2 months ago
- A collection of reusable Github Actions workflows.☆131Updated this week
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆60Updated this week
- Administrative tooling for Falco☆104Updated this week
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).☆61Updated this week
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆124Updated 3 years ago
- Scans SBOMs for vulnerabilities with Grype☆81Updated this week
- ☆19Updated last month
- Falco plugins registry☆95Updated this week
- Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - for kind (and GKE, RKE2, AKS)☆44Updated this week
- This repository contains the code used during my demo at BSidesNYC 2023 where I presented a new method for analysing volatile memory in G…☆1Updated 7 months ago
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆82Updated last week
- A pane of glass between you and your Kubernetes clusters.☆45Updated last year
- ☆52Updated this week
- A simple WebUI with latest events from Falco☆120Updated last month
- approver-policy is a cert-manager approver that allows users to define policies that restrict what certificates can be requested.☆82Updated this week
- (d)ocker(f)ile (c)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆49Updated this week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆92Updated this week
- 🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their sig…☆78Updated last year
- Enterprise Distribution for Flux CD☆74Updated this week
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆85Updated this week
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- Plugin for Helm to integrate the sigstore ecosystem☆63Updated this week
- Sneefer is a PoC project showing how to filter out irrelevent vulnerabilities from container image vulnerability scan results. It is base…☆26Updated last year
- ☆43Updated 3 weeks ago
- Preview infra diffs on your pull requests☆24Updated last week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆84Updated 4 months ago
- Prometheus Metrics Exporter for Falco output events☆122Updated last month