hupe1980 / cdk-threagile
Agile Threat Modeling as Code
☆13Updated 2 years ago
Alternatives and similar repositories for cdk-threagile:
Users that are interested in cdk-threagile are comparing it to the libraries listed below
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- Github Action implementation of SLSA Provenance Generation☆47Updated last week
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Updated last year
- A tool to check the security settings of Github Organizations.☆71Updated last year
- An SBOM query language and associated utilities☆54Updated last year
- Enrich SBOMs with data from third party services☆162Updated last month
- A Golang program to rotate AWS & GCP account keys☆65Updated 2 weeks ago
- ☆22Updated 2 years ago
- Open-source proof-of-concept client for AWS IAM Roles Anywhere☆71Updated 2 years ago
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆80Updated this week
- ☆60Updated 2 months ago
- ☆21Updated last year
- Publishes BOMs to Dependency-Track from GitHub Actions☆52Updated 5 months ago
- Slack alert bot for matching Github Audit Events☆10Updated 4 months ago
- A tool for preventing the installation of malicious PyPI and npm packages☆130Updated this week
- Sets up Open Policy Agent CLI in your GitHub Actions workflow.☆48Updated last year
- Safer AWS SCP deployments via real-time monitoring☆50Updated last year
- Use Cloud Control API to remediate drift that was detected on a CloudFormation stack☆48Updated 9 months ago
- Service Control Policies that have been Latacora recommended all wrapped up in terraform that is easy to attach to an OU.☆24Updated 10 months ago
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…☆32Updated 2 years ago
- A tool to create, transform and attest VEX metadata☆133Updated this week
- Kubernetes audit logging, when you don't control the control plane☆71Updated this week
- Static analysis for CloudFormation templates to identify common misconfiguration☆57Updated 3 years ago
- Scans SBOMs for vulnerabilities with Grype☆79Updated last week
- Generate a score for your sbom to understand if it will actually be useful.☆227Updated 7 months ago
- ☆33Updated 2 years ago
- Lambda function for verifying signed images in ECS☆32Updated last year
- ☆46Updated this week
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated last year