marklechner / priscope
A security tool designed to help review merged code changes to open source maintained repositories via LLM assisted review to safeguard against supply chain attacks
☆28Updated last month
Related projects ⓘ
Alternatives and complementary repositories for priscope
- a tool to audit the istio service mesh☆173Updated 3 years ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆59Updated 8 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆30Updated last month
- ☆51Updated 8 months ago
- The security workflow engine!☆73Updated this week
- Kubernetes audit logging, when you don't control the control plane☆65Updated this week
- WAF bypass PoC☆43Updated last year
- Compares and analyzes GCP IAM roles.☆76Updated 5 months ago
- GCP CSPM using Google Sheets☆34Updated 5 months ago
- prel(iminary) is an application that temporarily assigns Google Cloud IAM Roles and includes an approval process.☆37Updated this week
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆21Updated last year
- Clean accounts over permissions in GCP infra at scale☆71Updated last year
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆57Updated last year
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆94Updated 6 months ago
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆34Updated 2 months ago
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆65Updated last year
- Static analysis for CloudFormation templates to identify common misconfiguration☆58Updated 2 years ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- ☆107Updated last month
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆79Updated this week
- Repository to archive GCP Documentation for local use☆13Updated 2 weeks ago
- ☆24Updated 6 months ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆37Updated last year
- PII detection platform, leveraging human-in-the-loop AI☆47Updated this week
- ☆74Updated 3 months ago
- ☆24Updated 4 months ago
- ☆23Updated 2 weeks ago