Alternatives and similar repositories for gatecheck

Users that are interested in gatecheck are comparing it to the libraries listed below

• chainguard-dev / dfc
  (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.
  ☆98Updated 3 weeks ago
• cisco-open / forge
  ForgeMT is a secure, scalable GitHub Actions runner platform for ephemeral workloads. Designed for multi-tenant environments, it automate…
  ☆197Updated this week
• jetstack / paranoia
  Inspect certificate authorities in container images
  ☆240Updated 2 months ago
• in-toto / archivista
  Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…
  ☆106Updated this week
• defenseunicorns-labs / lula1
  The Compliance Validator
  ☆183Updated this week
• mchmarny / vimp
  Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures.
  ☆78Updated 2 years ago
• stacklok / frizbee
  Throw a tag at it and it comes back with a checksum.
  ☆154Updated this week
• privateerproj / privateer
  Privateer is a plugin-based framework to validate the status of deployed resources.
  ☆17Updated this week
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆45Updated 2 years ago
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆55Updated 2 years ago
• chainguard-dev / incert
  Add CA certificates into containers
  ☆164Updated this week
• aidansteele / ima.ge.cx
  ☆41Updated 3 years ago
• np-guard / cluster-topology-analyzer
  A static code analyzer to generate network connection topology for micro-service applications
  ☆18Updated last month
• controlplaneio / badrobot
  BadRobot - Operator Security Audit Tool
  ☆223Updated this week
• suzuki-shunsuke / tfprovidercheck
  CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…
  ☆88Updated last week
• ndrpnt / awesome-kubernetes-configuration-management
  A taxonomy of Kubernetes configuration management tools
  ☆23Updated 3 weeks ago
• JamesWoolfenden / ghat
  Ghat is a tool for updating your GitHub actions and Terraform with the latest version of it dependencies and using immutable hashes inste…
  ☆26Updated 2 months ago
• mchmarny / s3cme
  Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…
  ☆103Updated last year
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆27Updated last week
• DoD-Platform-One / bigbang
  BigBang the product
  ☆193Updated this week
• RichardoC / kube-audit-rest
  Kubernetes audit logging, when you don't control the control plane
  ☆90Updated last week
• chainguard-dev / digestabot
  A Github Action to automatically update digests for container images.
  ☆85Updated last month
• devops-kung-fu / hookz
  Manages client side git hooks resulting in the ability to create git action pipelines.
  ☆78Updated last year
• ckotzbauer / vulnerability-operator
  Scans SBOMs for vulnerabilities with Grype
  ☆85Updated this week
• chainguard-dev / edu
  Docs and Tutorials for Chainguard
  ☆88Updated last week
• chainguard-dev / darkfiles
  Darkfiles finds orphaned files in container images and makes them to bad deeds
  ☆42Updated 2 years ago
• octo-sts / action
  ☆52Updated 2 months ago
• fjogeleit / trivy-operator-polr-adapter
  Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports
  ☆63Updated last week
• defenseunicorns / uds-cli
  ☆43Updated this week
• wiz-sec-public / namespacehound
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆111Updated last year