Alternatives and similar repositories for policy-bot

Users that are interested in policy-bot are comparing it to the libraries listed below

• palantir / bulldozer

  View on GitHub
  GitHub Pull Request Auto-Merge Bot
  ☆791Updated this week
• advanced-security / ghas-reviewer-app

  View on GitHub
  GitHub Advanced Security Pull Request Security Team required review GitHub App
  ☆36Updated this week
• github / safe-settings

  View on GitHub
  ☆831Feb 4, 2026Updated last week
• runatlantis / atlantis

  View on GitHub
  Terraform Pull Request Automation
  ☆8,835Updated this week
• Clever / microplane

  View on GitHub
  A CLI tool to make git changes across many repos, especially useful with Microservices.
  ☆398Nov 10, 2025Updated 3 months ago
• aquasecurity / tfsec

  View on GitHub
  Tfsec is now part of Trivy
  ☆6,952Nov 10, 2025Updated 3 months ago
• Cigna / confectionery

  View on GitHub
  A library of rules for Conftest used to detect misconfigurations within Terraform configuration files
  ☆190Sep 20, 2022Updated 3 years ago
• open-policy-agent / conftest

  View on GitHub
  Write tests against structured configuration data using the Open Policy Agent Rego query language
  ☆3,121Updated this week
• snyk / driftctl

  View on GitHub
  Detect, track and alert on infrastructure drift
  ☆2,616Jan 30, 2026Updated 2 weeks ago
• iacsecurity / tool-compare

  View on GitHub
  ☆284Dec 1, 2022Updated 3 years ago
• tenable / terrascan

  View on GitHub
  Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
  ☆5,206Nov 20, 2025Updated 2 months ago
• salesforce / policy_sentry

  View on GitHub
  IAM Least Privilege Policy Generator
  ☆2,138Updated this week
• aquasecurity / trivy

  View on GitHub
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆31,602Feb 7, 2026Updated last week
• falcosecurity / falco

  View on GitHub
  Cloud Native Runtime Security
  ☆8,653Updated this week
• palantir / bouncer

  View on GitHub
  An application to cycle (bounce) all nodes in a coordinated fashion in an AWS ASG or set of related ASGs
  ☆135Updated this week
• reposaur / reposaur

  View on GitHub
  Open source compliance tool for development platforms.
  ☆285Oct 30, 2023Updated 2 years ago
• step-security / harden-runner

  View on GitHub
  Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…
  ☆962Updated this week
• actions / actions-runner-controller

  View on GitHub
  Kubernetes controller for GitHub Actions self-hosted runners
  ☆6,004Updated this week
• gruntwork-io / terratest

  View on GitHub
  Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.
  ☆7,874Updated this week
• instrumenta / kubeval

  View on GitHub
  Validate your Kubernetes configuration files, supports multiple Kubernetes versions
  ☆3,220Jan 29, 2026Updated 2 weeks ago
• duo-labs / parliament

  View on GitHub
  AWS IAM linting library
  ☆1,109Jan 7, 2026Updated last month
• cloud-custodian / cloud-custodian

  View on GitHub
  Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resour…
  ☆5,924Feb 6, 2026Updated last week
• getsops / sops

  View on GitHub
  Simple and flexible tool for managing secrets
  ☆20,721Updated this week
• common-fate / iamzero

  View on GitHub
  Identity & Access Management simplified and secure.
  ☆260Mar 6, 2023Updated 2 years ago
• duo-labs / cloudmapper

  View on GitHub
  CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
  ☆6,257Jul 15, 2024Updated last year
• reviewdog / reviewdog

  View on GitHub
  🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
  ☆9,068Updated this week
• segmentio / chamber

  View on GitHub
  CLI for managing secrets
  ☆2,575Feb 6, 2026Updated last week
• cartography-cncf / cartography

  View on GitHub
  Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powere…
  ☆3,721Updated this week
• gruntwork-io / terragrunt

  View on GitHub
  Terragrunt is a flexible orchestration tool that allows Infrastructure as Code written in OpenTofu/Terraform to scale.
  ☆9,287Updated this week
• ossf / allstar

  View on GitHub
  GitHub App to set and enforce security policies
  ☆1,391Updated this week
• aquasecurity / kube-hunter

  View on GitHub
  Hunt for security weaknesses in Kubernetes clusters
  ☆5,000Mar 19, 2024Updated last year
• 99designs / aws-vault

  View on GitHub
  A vault for securely storing and accessing AWS credentials in development environments
  ☆8,954Dec 30, 2025Updated last month
• duo-labs / cloudtracker

  View on GitHub
  CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
  ☆906Dec 17, 2021Updated 4 years ago
• salesforce / cloudsplaining

  View on GitHub
  Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…
  ☆2,180Updated this week
• camptocamp / terraboard

  View on GitHub
  A web dashboard to inspect Terraform States
  ☆2,000Feb 7, 2026Updated last week
• grafeas / kritis

  View on GitHub
  Deploy-time Policy Enforcer for Kubernetes applications
  ☆707Dec 5, 2025Updated 2 months ago
• probot / probot

  View on GitHub
  🤖 A framework for building GitHub Apps to automate and improve your workflow
  ☆9,444Updated this week
• prowler-cloud / prowler

  View on GitHub
  Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud envir…
  ☆12,983Updated this week
• quay / clair

  View on GitHub
  Vulnerability Static Analysis for Containers
  ☆10,924Feb 7, 2026Updated last week