Alternatives and similar repositories for cato-playbook

Users that are interested in cato-playbook are comparing it to the libraries listed below

• gatecheckdev / gatecheck
  Gatecheck CI/CD Validation Tool
  ☆15Updated 4 months ago
• chainguard-dev / dfc
  (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.
  ☆94Updated 2 months ago
• GoComply / oscalkit
  NIST OSCAL SDK and CLI
  ☆20Updated 2 weeks ago
• TeraSky-OSS / laze
  A tool to provision AWS Landing Zone according to best practices using Terraform
  ☆31Updated 3 years ago
• defenseunicorns-labs / lula1
  The Compliance Validator
  ☆184Updated 3 weeks ago
• privateerproj / privateer
  Privateer is a plugin-based framework to validate the status of deployed resources.
  ☆16Updated this week
• defenseunicorns / uds-cli
  ☆41Updated this week
• stacklok / frizbee
  Throw a tag at it and it comes back with a checksum.
  ☆151Updated this week
• cisco-open / forge
  ForgeMT is a secure, scalable GitHub Actions runner platform for ephemeral workloads. Designed for multi-tenant environments, it automate…
  ☆197Updated this week
• gblues / aws-ml-opt-out
  A Terraform module that makes it a snap to opt out of all AWS AI/ML data harvesting.
  ☆30Updated last year
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆25Updated this week
• IBM / gauge
  Measure release insights and recommendations for open-source dependencies. Note: this project is archived.
  ☆10Updated 2 years ago
• wolfi-dev / tools
  Various tools, images, etc. to support the Wolfi OSS project
  ☆27Updated this week
• chainguard-dev / darkfiles
  Darkfiles finds orphaned files in container images and makes them to bad deeds
  ☆42Updated 2 years ago
• loeken / homelab
  argocd managed homelab running in k3s, with a helper written in go to bootstrap the cluster. can also be run with kvms/proxmox
  ☆14Updated 5 months ago
• aws-samples / devsecops-terraform-dojo-codepipeline
  ☆13Updated 3 years ago
• in-toto / archivista
  Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…
  ☆103Updated last week
• interlynk-io / sbommv
  SBOM Move - Automate build and transfer of SBOMs across systems
  ☆24Updated last week
• philips-software / SPDXMerge
  SPDX Merge tool
  ☆48Updated 7 months ago
• jetstack / paranoia
  Inspect certificate authorities in container images
  ☆240Updated last week
• mchmarny / vimp
  Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures.
  ☆78Updated 2 years ago
• in-toto / witness
  Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
  ☆507Updated this week
• mitre / hipcheck
  Automatically assess and score software repositories for supply chain risk.
  ☆114Updated 2 weeks ago
• Comcast / Buildenv-Tool
  ☆22Updated 6 months ago
• aquasecurity / vexhub
  ☆30Updated this week
• ysoftwareab / tfrepl
  A terraform REPL.
  ☆32Updated 2 years ago
• probr / probr-core
  Dynamic Application Security Testing (DAST) for Cloud
  ☆44Updated 3 years ago
• defenseunicorns / pepr
  Type safe K8s middleware for humans
  ☆210Updated this week
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆107Updated this week
• StacklokLabs / mkp
  MKP is a Model Context Protocol (MCP) server for Kubernetes
  ☆55Updated this week