safedep / vetLinks
Protect against malicious open source packages 🤖
☆662Updated this week
Alternatives and similar repositories for vet
Users that are interested in vet are comparing it to the libraries listed below
Sorting:
- Prevent merging of malicious code in pull requests☆230Updated 5 months ago
- ☆82Updated 7 months ago
- Software Supply Chain Security Platform☆348Updated this week
- boostsecurityio/poutine☆309Updated last week
- A security layer for Git repositories☆537Updated last week
- A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs☆404Updated last week
- CI/CD Security Analyzer☆667Updated 6 months ago
- SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor…☆153Updated this week
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆815Updated 4 months ago
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …☆116Updated 3 months ago
- Validate the isolation posture of your container environment.☆297Updated last week
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆152Updated 9 months ago
- Gram is Klarna's own threat model diagramming tool☆324Updated 3 weeks ago
- select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, r…☆474Updated this week
- Repository containing source code of MixewayFlow service that is Swiss army knife for DevSecOps Teams☆52Updated this week
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆536Updated 6 months ago
- Chalk allows you to follow code from development, through builds and into production.☆393Updated this week
- Runtime Security Solution for your CI/CD Pipeline☆108Updated 2 months ago
- Kingfisher is a blazingly fast secret‑scanning and live validation tool built in Rust☆520Updated this week
- 🔎 Static code analysis engine to find security issues in code.☆1,537Updated this week
- The security workflow engine!☆118Updated this week
- OSV-SCALIBR: A library for Software Composition Analysis☆446Updated this week
- Security tool against dependency typosquatting attacks☆53Updated this week
- A tool for preventing the installation of malicious npm and PyPI packages☆158Updated last week
- Awesome secure by default libraries to help you eliminate bug classes!☆699Updated 4 months ago
- Evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more☆485Updated this week
- Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini☆174Updated 4 months ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆492Updated last week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆578Updated 4 months ago
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆123Updated 6 months ago