mondoohq / cnspecLinks
An open source, cloud-native security to protect everything from build to runtime
☆312Updated this week
Alternatives and similar repositories for cnspec
Users that are interested in cnspec are comparing it to the libraries listed below
Sorting:
- open source, cloud-native, graph-based asset inventory☆361Updated this week
- Inspect certificate authorities in container images☆236Updated this week
- Evaluate source control (GitHub) security posture☆252Updated 2 years ago
- BadRobot - Operator Security Audit Tool☆221Updated last week
- All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.☆360Updated 3 weeks ago
- The Terraform Live Graph Extension for Visual Studio Code is a plugin that allows you to generate a live Terraform graph as you code.☆240Updated 2 years ago
- Response Engine for managing threats in your Kubernetes☆170Updated last week
- ☸️ Mondoo Client Kubernetes Operator☆38Updated this week
- Open source compliance tool for development platforms.☆288Updated last year
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆109Updated 7 months ago
- Catalogue all images of a Kubernetes cluster to multiple targets with Syft☆206Updated last week
- Kubernetes audit logging, when you don't control the control plane☆84Updated this week
- (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆88Updated last week
- Terrascan GitHub action. Scan infrastructure as code including Terraform, Kubernetes, Helm, and Kustomize file for security best practice…☆62Updated 8 months ago
- A Github Action to automatically update digests for container images.☆71Updated this week
- A collection of tools to improve your containerized apps security posture☆145Updated last year
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆60Updated last week
- A Private Terraform Registry☆227Updated this week
- KBOM - Kubernetes Bill of Materials☆318Updated last month
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆492Updated last week
- Scans SBOMs for vulnerabilities with Grype☆85Updated last week
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati…☆170Updated 7 months ago
- Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads.☆442Updated this week
- Open source Terraform module registry with UI, optional Git integration and deep analysis. Demo: https://terrareg-main.gitlab-pr.dockstud…☆315Updated last week
- A tool to detect drifts in terraform IaC☆234Updated 2 years ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- Pre-commit git hooks for Open Policy Agent (OPA) and Rego development☆66Updated last month
- Notice: Postee is no longer under active development or maintenance.☆207Updated 2 months ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated last year
- Use Snyk to find and fix vulnerabilities in your Kubernetes workloads☆92Updated this week