falcosecurity / falco-actionsLinks
Run Falco in a GitHub Actions to detect suspicious behavior in your CI/CD
☆45Updated 3 months ago
Alternatives and similar repositories for falco-actions
Users that are interested in falco-actions are comparing it to the libraries listed below
Sorting:
- Response Engine for managing threats in your Kubernetes☆189Updated 2 months ago
- Scans SBOMs for vulnerabilities with Grype☆85Updated this week
- Kubernetes audit logging, when you don't control the control plane☆90Updated this week
- A Github Action to automatically update digests for container images.☆85Updated last month
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆111Updated last year
- ☆67Updated this week
- Threat-informed defense for cloudnative: Reference Implementation of a so-called Honeycluster - The detection capabilities can also be us…☆55Updated last month
- (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆98Updated 3 weeks ago
- A tool to create, transform and attest VEX metadata☆172Updated this week
- Runtime detection and response for malicious events in Kubernetes workloads☆46Updated last year
- Security configuration checks for popular cloud native applications and infrastructure.☆119Updated 3 years ago
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard) and Kubescape.☆62Updated this week
- Falco plugins registry☆112Updated this week
- BadRobot - Operator Security Audit Tool☆223Updated last month
- The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.☆129Updated last week
- A collection of reusable Github Actions workflows.☆155Updated this week
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆63Updated this week
- Cedar for Kubernetes brings the power of Cedar to Kubernetes authorization and admission validation, showing how cluster administrators c…☆140Updated 2 months ago
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆106Updated this week
- Helm Charts for Dependency-Track☆47Updated this week
- ☆22Updated last month
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆85Updated this week
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated 2 years ago
- Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded☆79Updated last week
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆88Updated this week
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆301Updated this week
- Catalogue all images of a Kubernetes cluster to multiple targets with Syft☆215Updated last week
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆154Updated this week
- Kubernetes Operator for Falco☆14Updated last week
- Software Supply Chain Security Platform☆371Updated this week