marklechner / priscope
A security tool designed to help review merged code changes to open source maintained repositories via LLM assisted review to safeguard against supply chain attacks
☆27Updated 3 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for priscope
- ☆51Updated 8 months ago
- Clean accounts over permissions in GCP infra at scale☆71Updated last year
- a tool to audit the istio service mesh☆173Updated 3 years ago
- The security workflow engine!☆73Updated this week
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆21Updated last year
- A repository to store Rad Fingerprinting data.☆23Updated 3 months ago
- prel(iminary) is an application that temporarily assigns Google Cloud IAM Roles and includes an approval process.☆36Updated this week
- GCP CSPM using Google Sheets☆34Updated 5 months ago
- Compares and analyzes GCP IAM roles.☆76Updated 5 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆30Updated 3 weeks ago
- Kubernetes audit logging, when you don't control the control plane☆65Updated this week
- A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).☆27Updated 8 months ago
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆93Updated 6 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆55Updated 7 months ago
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆40Updated last month
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆57Updated last year
- Tool for obfuscating and deobfuscating data.☆63Updated 7 months ago
- Adversary emulation for EDR/SIEM testing (macOS/Linux)☆38Updated 9 months ago
- Repository to archive GCP Documentation for local use☆13Updated last week
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆34Updated 2 months ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆79Updated last week
- HashiCorp-relevant rules for the Semgrep code analysis tool☆37Updated last year
- ☆22Updated this week
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆65Updated last year
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- ☆107Updated last month
- Gordon is status check Github app to enforce and validate about.yaml file specifications in a repository during pull requests to drive co…☆20Updated 2 weeks ago