Alternatives and similar repositories for continuous-compliance-action

Users that are interested in continuous-compliance-action are comparing it to the libraries listed below

• VexStore / fatbom
  fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…
  ☆33Updated 2 years ago
• philips-labs / slsa-provenance-action
  Github Action implementation of SLSA Provenance Generation
  ☆49Updated last week
• advanced-security / GSSAR
  GitHub Secret Scanning Auto Remediator (GSSAR)
  ☆45Updated last month
• octo-sts / action
  ☆43Updated 8 months ago
• open-policy-agent / setup-opa
  Sets up Open Policy Agent CLI in your GitHub Actions workflow.
  ☆50Updated last year
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated last year
• philips-labs / fatt
  fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…
  ☆11Updated last week
• chainguard-dev / github-audit-alerter
  Slack alert bot for matching Github Audit Events
  ☆10Updated 8 months ago
• advanced-security / enterprise-security-team
  Manage a uniform team of security managers for every organization in your enterprise
  ☆18Updated 10 months ago
• github / cleanowners
  A GitHub Action to suggest removal of non-organization members from CODEOWNERS files
  ☆134Updated last week
• ossf / scorecard-webapp
  Website and API for OpenSSF Scorecard
  ☆24Updated this week
• omnibor / site
  Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
  ☆21Updated 5 months ago
• sigstore / sigstore-go-archived
  Go library for Sigstore signing and verification
  ☆18Updated last year
• nais / salsa
  SLSA level 3 action
  ☆11Updated last year
• aquasecurity / vscode-tfsec
  vscode extension for tfsec
  ☆30Updated 2 years ago
• ministryofjustice / github-actions
  A collection of reusable GitHub Actions for the Ministry of Justice, designed to streamline and enhance workflows across our projects. • …
  ☆18Updated this week
• GeekMasher / advanced-security-compliance
  GitHub Advance Security Compliance Action
  ☆133Updated 2 years ago
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated 2 years ago
• slsa-framework / github-actions-demo
  Proof-of-concept SLSA provenance generator for GitHub Actions
  ☆100Updated 2 years ago
• github / actions-oidc-gateway-example
  Example of using Actions OIDC token to proxy into a private network
  ☆94Updated 3 months ago
• codefresh-io / terraform-provider-codefresh
  Terraform provider for the Codefresh API
  ☆18Updated 2 weeks ago
• onelittlenightmusic / opactl
  A simple tool for converting Rego (OPA) rule into command.
  ☆29Updated 3 years ago
• nsmith5 / rekor-sidekick
  🔍 Rekor transparency log monitoring and alerting
  ☆27Updated last year
• github / audit-actions-workflow-runs
  Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded
  ☆69Updated this week
• deislabs / image-layer-provenance
  Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.
  ☆43Updated last year
• advanced-security / generate-sbom-action
  An Action to wrap creating an SBOM via REST API
  ☆18Updated this week
• IBM / sbom-utility
  This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility
  ☆60Updated 2 years ago
• controlplaneio / threat-modelling-zero-trust-talk
  ☆12Updated 2 years ago
• advanced-security / gh-sbom
  Generate SBOMs with gh CLI
  ☆189Updated last month
• rallyhealth / conftest-policy-packs
  Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.
  ☆58Updated last year