Alternatives and similar repositories for opengrep-rules:

Users that are interested in opengrep-rules are comparing it to the libraries listed below

• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆267Updated last week
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆172Updated 5 months ago
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆95Updated last month
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious PyPI and npm packages
  ☆141Updated this week
• hashicorp-forge / semgrep-rules
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆41Updated last year
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆85Updated 2 weeks ago
• OWASP / www-project-top-10-ci-cd-security-risks
  OWASP Foundation Web Respository
  ☆82Updated 3 months ago
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆180Updated 3 weeks ago
• t0sche / cvss-bt
  Enriching the NVD CVSS scores to include Temporal & Threat Metrics
  ☆194Updated this week
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆171Updated last month
• smithy-security / smithy
  The security workflow engine!
  ☆111Updated last week
• SecurityRunners / CloudCommotion
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆143Updated 10 months ago
• Santiago-Labs / go-ocsf
  ☆64Updated last week
• vishalgarg-sec / Software-Supply-Chain-Security
  A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…
  ☆133Updated last year
• domain-protect / domain-protect-gcp
  Protect against subdomain takeover
  ☆92Updated 11 months ago
• StevenSmiley / aws-mine
  AWS honey token manager
  ☆87Updated 9 months ago
• OWASP / OpenCRE
  ☆104Updated last week
• WithSecureLabs / IAMGraph
  ☆45Updated 4 months ago
• Rezonate-io / github-oidc-checker
  Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
  ☆61Updated last year
• xvnpw / ai-security-analyzer
  A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects
  ☆76Updated 3 weeks ago
• apiiro / malicious-code-ruleset
  Focused malicious code detection ruleset, with a high protection-to-noise ratio
  ☆116Updated 2 months ago
• luisfontes19 / orgsec-guide
  A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity program
  ☆15Updated last week
• boostsecurityio / lotp
  boostsecurityio/lotp
  ☆123Updated 3 weeks ago
• edgeroute / security-champion-framework
  The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
  ☆108Updated last year
• Addepar / RedFlag
  RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…
  ☆148Updated 5 months ago
• synacktiv / octoscan
  Octoscan is a static vulnerability scanner for GitHub action workflows.
  ☆209Updated 3 weeks ago
• DataDog / workload-security-evaluator
  Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.
  ☆31Updated 6 months ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆64Updated 10 months ago
• Vulnetix / vulnetix
  Automate vulnerability triage which prioritizes remediation over discovery
  ☆17Updated last week
• CycloneDX / transparency-exchange-api
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆79Updated this week