mondoohq / cnspecLinks
An open source, cloud-native security to protect everything from build to runtime
☆310Updated this week
Alternatives and similar repositories for cnspec
Users that are interested in cnspec are comparing it to the libraries listed below
Sorting:
- open source, cloud-native, graph-based asset inventory☆360Updated this week
- Evaluate source control (GitHub) security posture☆252Updated 2 years ago
- Inspect certificate authorities in container images☆236Updated this week
- BadRobot - Operator Security Audit Tool☆221Updated 2 weeks ago
- Notice: Postee is no longer under active development or maintenance.☆210Updated 2 months ago
- Response Engine for managing threats in your Kubernetes☆168Updated this week
- Catalogue all images of a Kubernetes cluster to multiple targets with Syft☆203Updated last week
- Scans SBOMs for vulnerabilities with Grype☆84Updated last week
- Kubernetes audit logging, when you don't control the control plane☆84Updated this week
- Open source compliance tool for development platforms.☆288Updated last year
- All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.☆356Updated last week
- ☸️ Mondoo Client Kubernetes Operator☆38Updated last month
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆492Updated this week
- Run individual controls or full compliance benchmarks for NSA CISA Kubernetes Hardening Guidance across all of your Kubernetes clusters u…☆31Updated 2 weeks ago
- The Terraform Live Graph Extension for Visual Studio Code is a plugin that allows you to generate a live Terraform graph as you code.☆240Updated 2 years ago
- KBOM - Kubernetes Bill of Materials☆318Updated last week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆107Updated 7 months ago
- (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆82Updated last week
- Security configuration checks for popular cloud native applications and infrastructure.☆119Updated 3 years ago
- Pre-commit git hooks for Open Policy Agent (OPA) and Rego development☆66Updated last month
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆61Updated this week
- A Github Action to automatically update digests for container images.☆68Updated 2 months ago
- A list of cloud security tools and vendors.☆175Updated 11 months ago
- A collection of tools to improve your containerized apps security posture☆144Updated last year
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated last year
- ForgeMT is a secure, scalable GitHub Actions runner platform for ephemeral workloads. Designed for multi-tenant environments, it automate…☆173Updated last week
- Store and access your secrets the Kubernetes native way with any external KMS.☆183Updated last year
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- Style guide for Rego☆201Updated 4 months ago
- BigBang the product☆187Updated this week