Alternatives and similar repositories for gatecheck

Users that are interested in gatecheck are comparing it to the libraries listed below

• chainguard-dev / dfc
  (d)ocker(f)ile (c)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.
  ☆79Updated 2 weeks ago
• in-toto / archivista
  Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…
  ☆98Updated this week
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated 2 years ago
• suzuki-shunsuke / tfprovidercheck
  CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…
  ☆86Updated this week
• jetstack / paranoia
  Inspect certificate authorities in container images
  ☆235Updated 3 weeks ago
• mindersec / minder-rules-and-profiles
  A repository containing Minder rules and profiles recommended by your friends at Stacklok
  ☆23Updated last week
• defenseunicorns / lula
  The Compliance Validator
  ☆180Updated last week
• stacklok / frizbee
  Throw a tag at it and it comes back with a checksum.
  ☆139Updated last week
• controlplaneio / collie
  OSCAL and Kyverno Policy Demo for AWS
  ☆13Updated last year
• chainguard-dev / digestabot
  A Github Action to automatically update digests for container images.
  ☆66Updated 2 months ago
• np-guard / cluster-topology-analyzer
  A static code analyzer to generate network connection topology for micro-service applications
  ☆17Updated 2 weeks ago
• mondoohq / cnspec
  An open source, cloud-native security to protect everything from build to runtime
  ☆306Updated this week
• anderseknert / pre-commit-opa
  Pre-commit git hooks for Open Policy Agent (OPA) and Rego development
  ☆66Updated last week
• JamesWoolfenden / ghat
  Ghat is a tool for updating your GitHub actions and Terraform with the latest version of it dependencies and using immutable hashes inste…
  ☆26Updated 2 months ago
• scribe-public / gitgat
  Evaluate source control (GitHub) security posture
  ☆250Updated 2 years ago
• chainguard-dev / incert
  Add CA certificates into containers
  ☆152Updated last week
• devops-kung-fu / hookz
  Manages client side git hooks resulting in the ability to create git action pipelines.
  ☆78Updated last year
• octo-sts / app
  A GitHub App that acts like a Security Token Service (STS) for the Github API
  ☆207Updated this week
• chainguard-dev / terraform-provider-cosign
  Terraform provider for Sigstore Cosign
  ☆11Updated this week
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated last year
• stacklok / sigstore-the-hard-way
  sigstore the hard way!
  ☆115Updated last year
• wiz-sec-public / namespacehound
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆106Updated 6 months ago
• MattiasGees / spiffe-demo
  Showcasing the potential of SPIFFE with real-life services
  ☆10Updated this week
• SpotOnInc / renovate-config
  Sharable Config Presets for Renovatebot, especially useful for DevOps folks
  ☆50Updated last week
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆99Updated this week
• ConductorOne / baton
  Identity governance for any SaaS, infrastructure, or tool
  ☆86Updated 2 months ago
• chainguard-dev / osqtool
  Automated testing, generation & manipulation of #osquery packs
  ☆73Updated 9 months ago
• mchmarny / s3cme
  Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…
  ☆104Updated last year
• openvex / vexctl
  A tool to create, transform and attest VEX metadata
  ☆147Updated 3 weeks ago
• threatcl / threatcl
  Documenting your Threat Models with HCL
  ☆432Updated last month