Alternatives and similar repositories for gatecheck:

Users that are interested in gatecheck are comparing it to the libraries listed below

• in-toto / archivista
  Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…
  ☆89Updated this week
• controlplaneio / collie
  OSCAL and Kyverno Policy Demo for AWS
  ☆13Updated last year
• suzuki-shunsuke / tfprovidercheck
  CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…
  ☆85Updated this week
• open-policy-agent / setup-opa
  Sets up Open Policy Agent CLI in your GitHub Actions workflow.
  ☆49Updated last year
• rallyhealth / conftest-policy-packs
  Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.
  ☆58Updated last year
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated 2 years ago
• defenseunicorns / lula
  The Compliance Validator
  ☆174Updated this week
• chainguard-dev / digestabot
  Github Action to automatically update digests for container images.
  ☆58Updated last month
• paololazzari / fuzzy-terraform-rm
  A fuzzy-finder command-line tool for removing resources from terraform state
  ☆38Updated last year
• defenseunicorns / uds-cli
  ☆33Updated this week
• np-guard / cluster-topology-analyzer
  A static code analyzer to generate network connection topology for micro-service applications
  ☆16Updated this week
• aquasecurity / trivy-plugin-referrer
  Trivy plugin for OCI referrers
  ☆23Updated 11 months ago
• scribe-public / gitgat
  Evaluate source control (GitHub) security posture
  ☆249Updated 2 years ago
• jetstack / paranoia
  Inspect certificate authorities in container images
  ☆233Updated this week
• JamesWoolfenden / ghat
  Ghat is a tool for updating your GitHub actions and Terraform with the latest version of it dependencies and using immutable hashes inste…
  ☆26Updated last week
• openvex / vexctl
  A tool to create, transform and attest VEX metadata
  ☆134Updated last week
• stacklok / frizbee
  Throw a tag at it and it comes back with a checksum.
  ☆120Updated this week
• policy-hub / policy-hub-cli
  CLI for searching Rego policies
  ☆105Updated 3 years ago
• anchore / grant
  Search an SBOM for licenses and the packages they belong to
  ☆86Updated this week
• IBM / sbom-utility
  This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility
  ☆60Updated 2 years ago
• chainguard-dev / terraform-provider-cosign
  Terraform provider for Sigstore Cosign
  ☆10Updated last week
• chainguard-dev / actions
  A collection of reusable Github Actions workflows.
  ☆130Updated this week
• fjogeleit / trivy-operator-polr-adapter
  Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports
  ☆59Updated last week
• sigstore / k8s-manifest-sigstore
  kubectl plugin for signing Kubernetes manifest YAML files with sigstore
  ☆81Updated 2 weeks ago
• buildsec / frsca
  ☆235Updated this week
• stacklok / sigstore-the-hard-way
  sigstore the hard way!
  ☆111Updated 11 months ago
• RichardoC / kube-audit-rest
  Kubernetes audit logging, when you don't control the control plane
  ☆74Updated this week
• chps-dev / chps
  Container Hardening Priorities Specification (CHPS)
  ☆26Updated last month
• bomctl / bomctl
  Format agnostic SBOM tooling
  ☆105Updated this week
• devops-kung-fu / hookz
  Manages client side git hooks resulting in the ability to create git action pipelines.
  ☆78Updated 10 months ago