Alternatives and similar repositories for cnspec

Users that are interested in cnspec are comparing it to the libraries listed below

• mondoohq / cnquery
  open source, cloud-native, graph-based asset inventory
  ☆365Updated this week
• jetstack / paranoia
  Inspect certificate authorities in container images
  ☆237Updated last week
• scribe-public / gitgat
  Evaluate source control (GitHub) security posture
  ☆251Updated 2 years ago
• controlplaneio / badrobot
  BadRobot - Operator Security Audit Tool
  ☆223Updated this week
• ckotzbauer / sbom-operator
  Catalogue all images of a Kubernetes cluster to multiple targets with Syft
  ☆207Updated last week
• falcosecurity / falco-talon
  Response Engine for managing threats in your Kubernetes
  ☆171Updated 2 weeks ago
• aquasecurity / postee
  Notice: Postee is no longer under active development or maintenance.
  ☆208Updated last month
• reposaur / reposaur
  Open source compliance tool for development platforms.
  ☆288Updated last year
• DataDog / managed-kubernetes-auditing-toolkit
  All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.
  ☆365Updated 2 months ago
• adamiBs / vscode-terraform-live-graph
  The Terraform Live Graph Extension for Visual Studio Code is a plugin that allows you to generate a live Terraform graph as you code.
  ☆240Updated 2 years ago
• aquasecurity / appshield
  Security configuration checks for popular cloud native applications and infrastructure.
  ☆119Updated 3 years ago
• rad-security / kbom
  KBOM - Kubernetes Bill of Materials
  ☆320Updated 2 months ago
• chainguard-dev / dfc
  (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.
  ☆90Updated 2 weeks ago
• in-toto / witness
  Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
  ☆498Updated this week
• RichardoC / kube-audit-rest
  Kubernetes audit logging, when you don't control the control plane
  ☆85Updated last week
• wiz-sec-public / namespacehound
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆110Updated 9 months ago
• chainguard-dev / digestabot
  A Github Action to automatically update digests for container images.
  ☆74Updated this week
• ckotzbauer / vulnerability-operator
  Scans SBOMs for vulnerabilities with Grype
  ☆85Updated 2 weeks ago
• open-policy-agent / rego-style-guide
  Style guide for Rego
  ☆202Updated 2 weeks ago
• mondoohq / mondoo-operator
  ☸️ Mondoo Client Kubernetes Operator
  ☆38Updated this week
• ondat / trousseau
  Store and access your secrets the Kubernetes native way with any external KMS.
  ☆182Updated 2 years ago
• turbot / steampipe-mod-kubernetes-compliance
  Run individual controls or full compliance benchmarks for NSA CISA Kubernetes Hardening Guidance across all of your Kubernetes clusters u…
  ☆31Updated last month
• rallyhealth / conftest-policy-packs
  Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.
  ☆59Updated last year
• openvex / vexctl
  A tool to create, transform and attest VEX metadata
  ☆160Updated this week
• buildsec / frsca
  ☆248Updated last week
• aquasecurity / trivy-vscode-extension
  A VS Code Extension for Trivy
  ☆148Updated 2 weeks ago
• falcosecurity / falcosidekick-ui
  A simple WebUI with latest events from Falco
  ☆127Updated this week
• chainguard-dev / incert
  Add CA certificates into containers
  ☆157Updated 2 weeks ago
• anderseknert / pre-commit-opa
  Pre-commit git hooks for Open Policy Agent (OPA) and Rego development
  ☆67Updated 3 months ago
• koslib / awesome-containerized-security
  A collection of tools to improve your containerized apps security posture
  ☆148Updated last year