mondoohq / cnspecLinks
An open source, cloud-native security to protect everything from build to runtime
☆373Updated this week
Alternatives and similar repositories for cnspec
Users that are interested in cnspec are comparing it to the libraries listed below
Sorting:
- open source, cloud-native, graph-based asset inventory☆384Updated this week
- Evaluate source control (GitHub) security posture☆251Updated 2 years ago
- Inspect certificate authorities in container images☆240Updated last week
- All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.☆367Updated 4 months ago
- Response Engine for managing threats in your Kubernetes☆186Updated 3 weeks ago
- BadRobot - Operator Security Audit Tool☆223Updated 2 weeks ago
- KBOM - Kubernetes Bill of Materials☆323Updated 4 months ago
- (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆94Updated 2 months ago
- Notice: Postee is no longer under active development or maintenance.☆208Updated 3 months ago
- Catalogue all images of a Kubernetes cluster to multiple targets with Syft☆212Updated last week
- Kubernetes audit logging, when you don't control the control plane☆90Updated this week
- Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads.☆449Updated 2 weeks ago
- Open source compliance tool for development platforms.☆288Updated 2 years ago
- Validate the isolation posture of your container environment.☆306Updated last week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆111Updated 11 months ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆506Updated last week
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati…☆170Updated 10 months ago
- ☸️ Mondoo Client Kubernetes Operator☆38Updated this week
- The Terraform Live Graph Extension for Visual Studio Code is a plugin that allows you to generate a live Terraform graph as you code.☆240Updated 2 years ago
- A collection of tools to improve your containerized apps security posture☆149Updated last year
- A Github Action to automatically update digests for container images.☆80Updated last month
- A collection of reusable Github Actions workflows.☆152Updated 2 weeks ago
- A VS Code Extension for Trivy☆155Updated last week
- Scans SBOMs for vulnerabilities with Grype☆85Updated this week
- A list of cloud security tools and vendors.☆180Updated last year
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"☆67Updated 2 years ago
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆88Updated this week
- This Kubernetes operator listens for vulnerability reports generated by the Trivy Operator and forwards them to Defect Dojo for further a…☆26Updated this week
- Documenting your Threat Models with HCL☆440Updated 3 weeks ago
- ☆253Updated this week