privateerproj / privateerLinks
Privateer is a plugin-based framework to validate the status of deployed resources.
☆13Updated last week
Alternatives and similar repositories for privateer
Users that are interested in privateer are comparing it to the libraries listed below
Sorting:
- vexctl is a tool to attest VEX impact statements☆45Updated 2 years ago
- An SBOM query language and associated utilities☆54Updated last year
- ☆41Updated 2 years ago
- Slack alert bot for matching Github Audit Events☆10Updated 9 months ago
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆99Updated this week
- (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆88Updated 2 weeks ago
- A repository containing example Minder rules and profiles☆23Updated last week
- ☆20Updated 3 months ago
- Github Action implementation of SLSA Provenance Generation☆50Updated this week
- vscode extension for tfsec☆30Updated 2 years ago
- ☆23Updated 2 years ago
- ☆46Updated this week
- Throw a tag at it and it comes back with a checksum.☆149Updated this week
- Static analysis for CloudFormation templates to identify common misconfiguration☆57Updated 3 years ago
- The Auditree framework tool to run compliance control checks as unit tests.☆71Updated last year
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…☆33Updated 2 years ago
- ☆16Updated last year
- Sets up Open Policy Agent CLI in your GitHub Actions workflow.☆52Updated last week
- Darkfiles finds orphaned files in container images and makes them to bad deeds☆42Updated 2 years ago
- A place for the InfoSec community to share and celebrate real stories of organizations successfully using SBOMs (and other bills of mater …☆43Updated last year
- ☆12Updated 2 years ago
- Compare vulnerability scanners results (to make them better!)☆22Updated this week
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- ☆56Updated last week
- Simple tool that allows you to detect imposter commits in GitHub Actions workflows.☆23Updated 8 months ago
- fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…☆11Updated this week
- Useful scripts, Docker images, docker-compose apps, and Terraform modules.☆150Updated this week
- A tool to create, transform and attest VEX metadata☆153Updated last week
- Pre-commit git hooks for Open Policy Agent (OPA) and Rego development☆67Updated 2 months ago
- ☆23Updated 2 years ago