jetstack / paranoia
Inspect certificate authorities in container images
☆230Updated this week
Alternatives and similar repositories for paranoia:
Users that are interested in paranoia are comparing it to the libraries listed below
- BadRobot - Operator Security Audit Tool☆218Updated this week
- Evaluate source control (GitHub) security posture☆249Updated 2 years ago
- Add CA certificates into containers☆144Updated 3 weeks ago
- A kubectl plugin to visualize network policies rules.☆95Updated last year
- Artifact Ratification Framework (CNCF Sandbox)☆253Updated this week
- Store and access your secrets the Kubernetes native way with any external KMS.☆176Updated last year
- sigstore the hard way!☆110Updated 10 months ago
- Catalogue all images of a Kubernetes cluster to multiple targets with Syft☆198Updated last week
- Kubernetes Operator to sync secrets between different secret backends and Kubernetes☆159Updated 2 months ago
- A collection of reusable Github Actions workflows.☆128Updated this week
- A tool to create, transform and attest VEX metadata☆132Updated this week
- ☆232Updated this week
- Scans SBOMs for vulnerabilities with Grype☆79Updated this week
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆124Updated 3 years ago
- Runtime security plug to protect user containers☆65Updated last month
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).☆59Updated last week
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆128Updated last week
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆80Updated last week
- A CLI tool to sign and verify artifacts☆385Updated this week
- CLI for building OPA policies into OCI images☆228Updated this week
- The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.☆123Updated 2 weeks ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated last year
- A simple WebUI with latest events from Falco☆118Updated last week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆80Updated this week
- Response Engine for managing threats in your Kubernetes☆150Updated this week
- An SBOM query language and associated utilities☆54Updated last year
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆80Updated 2 months ago
- Verify provenance from SLSA compliant builders☆250Updated 3 weeks ago
- ☆53Updated this week
- Kubernetes audit logging, when you don't control the control plane☆71Updated this week