jsotiro / docker-multiscan
A multi scanner for docker images. It drives Clair, Anchore, Trivy, Snyk, Grype, AWS ECR scans and consolidates the results.
☆14 Updated last year
Related projects:
- Darkbit Cloud Security Tools ☆25 Updated 3 years ago
- Example of how to write OPA rules with conftest in a modular fashion for Terraform 0.12 plans. ☆12 Updated 4 years ago
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect ☆22 Updated this week
- PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh… ☆58 Updated 2 years ago
- A Golang program to rotate AWS & GCP account keys ☆63 Updated last week
- An SBOM query language and associated utilities ☆54 Updated 7 months ago
- Kubernetes Admission Controller for Image Scanning using OPA ☆50 Updated last year
- A terraform module to install the prerequisites for cloud-custodian ☆10 Updated 9 months ago
- Enhance the security of the EC2 metadata service. (Obsolete thanks to Instance Metadata Service Version 2, see note in README) ☆31 Updated 4 years ago
- Slack alert bot for matching GitHub Audit Events ☆10 Updated 3 weeks ago
- cloud native software supply chain ☁️🔗 ☆64 Updated 3 years ago
- Tag instances & databases with cron-style stop/start schedules to cut AWS costs. Also schedule EBS, EC2 & RDS backups, plus CloudFormatio… ☆35 Updated last year
- Static analysis for CloudFormation templates to identify common misconfiguration ☆58 Updated 2 years ago
- a tool to audit the istio service mesh ☆173 Updated 2 years ago
- Darkfiles finds orphaned files in container images and makes them to bad deeds ☆41 Updated last year
- A Dockerfile that creates an image with known vulnerabilities. ☆49 Updated 2 years ago
- Utilities for programmatic analysis of Cartography data. ☆32 Updated last year
- Validate all your Customer IAM Policies against AWS Access Analyzer - Policy Validation ☆42 Updated 3 years ago
- CloudSplaining on AWS Managed Policies ☆41 Updated this week
- Kubernetes audit logging, when you don't control the control plane ☆64 Updated this week
- ☆21 Updated last year
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility ☆61 Updated last year
- vexctl is a tool to attest VEX impact statements ☆44 Updated last year
- Scripts to quickly fix security and compliance issues ☆25 Updated 9 months ago
- Open source runtime scanner for k8s clusters that performs security audit checks based on the CIS Kubernetes Benchmark specification ☆64 Updated last month
- Dockerfile Security Checker using OPA Rego policies with Conftest ☆58 Updated 2 years ago
- A known vulnerable Flask app with an excessive amount of automated testing ☆13 Updated last week
- Sysdig Terraform provider. Allows handling Sysdig Secure policies as code. ☆47 Updated this week
- Gordon is a status check GitHub app to enforce and validate about.yaml file specifications in a repository during pull requests to drive co… ☆19 Updated 2 weeks ago
- vscode extension for tfsec ☆30 Updated last year