Alternatives and similar repositories for app

Users that are interested in app are comparing it to the libraries listed below

• octo-sts / action

  View on GitHub
  ☆53Dec 3, 2025Updated 2 months ago
• chainguard-dev / ghscan

  View on GitHub
  Scan GitHub Actions Workflow logs for IOCs
  ☆16Feb 9, 2026Updated last week
• actions / publish-immutable-action

  View on GitHub
  A GitHub Action used for publishing an Action to ghcr.io as an OCI container.
  ☆114Aug 8, 2025Updated 6 months ago
• stacklok / frizbee

  View on GitHub
  Throw a tag at it and it comes back with a checksum.
  ☆155Updated this week
• mchmarny / s3cme

  View on GitHub
  Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…
  ☆103Apr 23, 2024Updated last year
• sigstore / gitsign

  View on GitHub
  Keyless Git signing using Sigstore
  ☆1,057Updated this week
• step-security / harden-runner

  View on GitHub
  Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…
  ☆962Feb 8, 2026Updated last week
• suzuki-shunsuke / tfprovidercheck

  View on GitHub
  CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…
  ☆88Updated this week
• googleapis / enterprise-certificate-proxy

  View on GitHub
  Repository for the Enterprise Certificate Proxy project.
  ☆29Updated this week
• chainguard-dev / terraform-infra-common

  View on GitHub
  A repository containing a collection of "glue" modules for encapsulating common Cloud Run patterns.
  ☆28Updated this week
• mindersec / minder

  View on GitHub
  Software Supply Chain Security Platform
  ☆373Updated this week
• semgr8ns / semgr8s

  View on GitHub
  Semgrep-based Policy Controller for Kubernetes
  ☆47Apr 4, 2025Updated 10 months ago
• chainguard-dev / policy-catalog

  View on GitHub
  ☆20Feb 5, 2026Updated last week
• step-security / github-actions-goat

  View on GitHub
  GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment
  ☆494Jun 27, 2025Updated 7 months ago
• sethvargo / ratchet

  View on GitHub
  A tool for securing CI/CD workflows with version pinning.
  ☆884Jun 27, 2025Updated 7 months ago
• in-toto / witness

  View on GitHub
  Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
  ☆514Updated this week
• GitHubSecurityLab / actions-permissions

  View on GitHub
  GitHub token permissions Monitor and Advisor actions
  ☆352Jan 31, 2026Updated 2 weeks ago
• suzuki-shunsuke / ghalint

  View on GitHub
  GitHub Actions linter
  ☆206Updated this week
• chainguard-dev / malcontent

  View on GitHub
  #supply #chain #attack #detection
  ☆642Updated this week
• DataDog / attache

  View on GitHub
  Attaché provides an emulation layer for Cloud Provider IMDS APIs
  ☆60Feb 8, 2026Updated last week
• DataDog / workload-security-evaluator

  View on GitHub
  ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…
  ☆37Oct 17, 2024Updated last year
• developer-guy / container-image-sign-and-verify-with-cosign-and-opa

  View on GitHub
  This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)
  ☆63Aug 4, 2021Updated 4 years ago
• chainguard-dev / dfc

  View on GitHub
  (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.
  ☆98Updated this week
• sigstore / helm-sigstore

  View on GitHub
  Plugin for Helm to integrate the sigstore ecosystem
  ☆67Jan 28, 2026Updated 2 weeks ago
• SecurityRunners / CloudCommotion

  View on GitHub
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆145Jun 18, 2024Updated last year
• slsa-framework / slsa-github-generator

  View on GitHub
  Language-agnostic SLSA provenance generation for Github Actions
  ☆546Oct 20, 2025Updated 3 months ago
• ReversecLabs / cloud-security-vm

  View on GitHub
  Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
  ☆141Jan 2, 2025Updated last year
• chainguard-dev / apko

  View on GitHub
  Build OCI images from APK packages directly without Dockerfile
  ☆1,544Updated this week
• AkihiroSuda / alcless

  View on GitHub
  🍺 Alcoholless: lightweight security sandbox for Homebrew, AI agents, etc. on macOS
  ☆134Updated this week
• ofirc / k8s-sniff-https

  View on GitHub
  A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes
  ☆74Apr 14, 2025Updated 10 months ago
• bullfrogsec / bullfrog

  View on GitHub
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆117Updated this week
• AkihiroSuda / gomodjail

  View on GitHub
  [Experimental] jail for Go modules
  ☆132Updated this week
• zizmorcore / zizmor

  View on GitHub
  Static analysis for GitHub Actions
  ☆3,623Updated this week
• chainguard-dev / registry-redirect

  View on GitHub
  ☆29Aug 9, 2024Updated last year
• techpivot / terraform-module-releaser

  View on GitHub
  GitHub Action to automate versioning, releases, and documentation for Terraform modules in monorepos.
  ☆213Feb 9, 2026Updated last week
• sigstore / rekor

  View on GitHub
  Software Supply Chain Transparency Log
  ☆1,078Updated this week
• GoogleCloudPlatform / jit-groups

  View on GitHub
  JIT Groups is an open source application that lets you implement secure, self-service access management for Google Cloud using groups.
  ☆282Updated this week
• cloud-copilot / iam-expand

  View on GitHub
  Expand IAM Actions with Wildcards
  ☆34Updated this week
• kubernetes-sigs / kube-network-policies

  View on GitHub
  Kubernetes network policies reference implementation
  ☆69Updated this week