Alternatives and similar repositories for cnspec

Users that are interested in cnspec are comparing it to the libraries listed below

• mondoohq / cnquery
  open source, cloud-native, graph-based asset inventory
  ☆363Updated this week
• jetstack / paranoia
  Inspect certificate authorities in container images
  ☆236Updated last week
• scribe-public / gitgat
  Evaluate source control (GitHub) security posture
  ☆251Updated 2 years ago
• controlplaneio / badrobot
  BadRobot - Operator Security Audit Tool
  ☆223Updated last week
• falcosecurity / falco-talon
  Response Engine for managing threats in your Kubernetes
  ☆170Updated last week
• aquasecurity / postee
  Notice: Postee is no longer under active development or maintenance.
  ☆208Updated 3 weeks ago
• ckotzbauer / sbom-operator
  Catalogue all images of a Kubernetes cluster to multiple targets with Syft
  ☆206Updated this week
• DataDog / managed-kubernetes-auditing-toolkit
  All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.
  ☆362Updated last month
• rad-security / kbom
  KBOM - Kubernetes Bill of Materials
  ☆320Updated last month
• RichardoC / kube-audit-rest
  Kubernetes audit logging, when you don't control the control plane
  ☆85Updated last week
• koslib / awesome-containerized-security
  A collection of tools to improve your containerized apps security posture
  ☆148Updated last year
• chainguard-dev / digestabot
  A Github Action to automatically update digests for container images.
  ☆74Updated 3 weeks ago
• mondoohq / mondoo-operator
  ☸️ Mondoo Client Kubernetes Operator
  ☆38Updated this week
• adamiBs / vscode-terraform-live-graph
  The Terraform Live Graph Extension for Visual Studio Code is a plugin that allows you to generate a live Terraform graph as you code.
  ☆240Updated 2 years ago
• reposaur / reposaur
  Open source compliance tool for development platforms.
  ☆287Updated last year
• wiz-sec-public / namespacehound
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆109Updated 8 months ago
• ckotzbauer / vulnerability-operator
  Scans SBOMs for vulnerabilities with Grype
  ☆85Updated last week
• deggja / netfetch
  Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads.
  ☆445Updated 2 weeks ago
• ondat / trousseau
  Store and access your secrets the Kubernetes native way with any external KMS.
  ☆183Updated 2 years ago
• digitalis-io / vals-operator
  Kubernetes Operator to sync secrets between different secret backends and Kubernetes
  ☆163Updated 2 months ago
• fjogeleit / trivy-operator-polr-adapter
  Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports
  ☆60Updated this week
• rallyhealth / conftest-policy-packs
  Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.
  ☆59Updated last year
• chainguard-dev / dfc
  (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.
  ☆89Updated last month
• CrowdStrike / falcon-helm
  Helm Charts for running CrowdStrike Falcon with Kubernetes
  ☆92Updated last week
• in-toto / witness
  Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
  ☆495Updated this week
• snyk / kubernetes-monitor
  Use Snyk to find and fix vulnerabilities in your Kubernetes workloads
  ☆92Updated last week
• rootsami / terradrift
  A tool to detect drifts in terraform IaC
  ☆233Updated 2 years ago
• falcosecurity / falcosidekick-ui
  A simple WebUI with latest events from Falco
  ☆124Updated this week
• mondoohq / cnspec-policies
  This repository contains security policies for cnspec maintained by Mondoo and the cnspec community.
  ☆47Updated 3 months ago
• aquasecurity / appshield
  Security configuration checks for popular cloud native applications and infrastructure.
  ☆119Updated 3 years ago