jsotiro / docker-multiscan

Related projects: ⓘ

• darkbitio / tools
  Darkbit Cloud Security Tools
  ☆25Updated 3 years ago
• kmcquade / conftest-terraform-multifolder-policies
  Example of how to write OPA rules with conftest in a modular fashion for Terraform 0.12 plans.
  ☆12Updated 4 years ago
• appvia / cosign-keyless-admission-webhook
  Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
  ☆22Updated this week
• CloudWanderer-io / PolicyGlass
  PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…
  ☆58Updated 2 years ago
• ovotech / cloud-key-rotator
  A Golang program to rotate AWS & GCP account keys
  ☆63Updated last week
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated 7 months ago
• sysdiglabs / opa-image-scanner
  Kubernetes Admission Controller for Image Scanning using OPA
  ☆50Updated last year
• jaxxstorm / terraform-cloud-custodian
  A terraform module to install the prerequisites for cloud-custodian
  ☆10Updated 9 months ago
• stefansundin / ec2-metadata-filter
  Enhance the security of the EC2 metadata service. (Obsolete thanks to Instance Metadata Service Version 2, see note in README)
  ☆31Updated 4 years ago
• chainguard-dev / github-audit-alerter
  Slack alert bot for matching Github Audit Events
  ☆10Updated 3 weeks ago
• rode / rode-legacy
  cloud native software supply chain ☁️🔗
  ☆64Updated 3 years ago
• sqlxpert / lights-off-aws
  Tag instances & databases with cron-style stop/start schedules to cut AWS costs. Also schedule EBS, EC2 & RDS backups, plus CloudFormatio…
  ☆35Updated last year
• aquasecurity / cfsec
  Static analysis for CloudFormation templates to identify common misconfiguration
  ☆58Updated 2 years ago
• praetorian-inc / snowcat
  a tool to audit the istio service mesh
  ☆173Updated 2 years ago
• chainguard-dev / darkfiles
  Darkfiles finds orphaned files in container images and makes them to bad deeds
  ☆41Updated last year
• ianmiell / bad-dockerfile
  A Dockerfile that creates an image with known vulnerabilities.
  ☆49Updated 2 years ago
• marco-lancini / cartography-queries
  Utilities for programmatic analysis of Cartography data.
  ☆32Updated last year
• z0ph / aa-policy-validator
  Validate all your Customer IAM Policies against AWS Access Analyzer - Policy Validation
  ☆42Updated 3 years ago
• tenchi-security / camp
  CloudSplaining on AWS Managed Policies
  ☆41Updated this week
• RichardoC / kube-audit-rest
  Kubernetes audit logging, when you don't control the control plane
  ☆64Updated this week
• aidansteele / awsaccountcreds
  ☆21Updated last year
• IBM / sbom-utility
  This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility
  ☆61Updated last year
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated last year
• primeharbor / aws-fast-fixes
  Scripts to quickly fix security and compliance issues
  ☆25Updated 9 months ago
• chen-keinan / kube-beacon
  Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification
  ☆64Updated last month
• madhuakula / docker-security-checker
  Dockerfile Security Checker using OPA Rego policies with Conftest
  ☆58Updated 2 years ago
• garethr / snyky
  A known vulnerable Flask app with an excessive amount of automated testing
  ☆13Updated last week
• sysdiglabs / terraform-provider-sysdig
  Sysdig Terraform provider. Allow to handle Sysdig Secure policies as code.
  ☆47Updated this week
• twilio-labs / gordon
  Gordon is status check Github app to enforce and validate about.yaml file specifications in a repository during pull requests to drive co…
  ☆19Updated 2 weeks ago
• aquasecurity / vscode-tfsec
  vscode extension for tfsec
  ☆30Updated last year