mchmarny / disco
Utility for bulk image, license, package, and vulnerability discovery in containerize workloads on GCP. Includes CLI and Service with custom metrics and BigQuery data exports.
☆13Updated 9 months ago
Related projects ⓘ
Alternatives and complementary repositories for disco
- Report OPA Gatekeeper audit violations in Security Command Center.☆42Updated 3 months ago
- An SBOM query language and associated utilities☆54Updated 10 months ago
- Proof-of-concept SLSA provenance generator for GitHub Actions☆99Updated 2 years ago
- The GCP PubSec Declarative Toolkit is a collection of declarative solutions to help you on your Journey to Google Cloud. Solutions are de…☆31Updated last week
- Google Container Analysis data import utility, supports OSS vulnerability scanner reports, SLSA provenance and sigstore attestations.☆9Updated this week
- Implementation steps and assets for Google Cloud Anthos blueprints https://cloud.google.com/architecture/blueprints/anthos-security-blue…☆44Updated 6 months ago
- Google Kubernetes Engine Policy Library☆55Updated this week
- 🎟 Voucher creates attestations for Binary Authorization☆73Updated 5 months ago
- Deploys Zeek on Google Cloud☆25Updated 3 months ago
- ☆74Updated 3 months ago
- ☆56Updated 2 years ago
- ☆14Updated 3 months ago
- 📦 Demo generator for Google Kubernetes Engine!☆91Updated last month
- ☆14Updated last year
- A tool to create, transform and attest VEX metadata☆119Updated this week
- This project demonstrates a series of best practices for improving the security of containerized applications deployed to Kubernetes Engi…☆94Updated 3 months ago
- ☆51Updated 8 months ago
- A specification for signing methods and formats used by Secure Systems Lab projects.☆68Updated 2 months ago
- Tool to help you pick a Google Cloud region considering carbon footprint, price and latency.☆59Updated 4 months ago
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- app2run is a python CLI tool to translate App Engine configuration into compatible Cloud Run configuration, it aims to help App Engine us…☆15Updated last year
- Technical Advisory Council☆109Updated last week
- GCP PCI-DSS 3.2.1 InSpec Profile☆18Updated 3 years ago
- ☆107Updated 2 months ago
- OpenVEX Specification☆132Updated 4 months ago
- Search Rekor for entries☆27Updated 4 months ago
- Generate a score for your sbom to understand if it will actually be useful.☆221Updated 3 months ago
- Log monitor for Rekor to verify immutability and monitor entries☆26Updated this week
- Pubsub2Inbox is a versatile, multi-purpose tool to handle Pub/Sub messages and turn them into email, API calls, GCS objects, files or alm…☆38Updated 3 weeks ago
- A draft standard for communicating a cryptographic record of build inputs for software artifacts.☆23Updated last month