Code signing and transparency for containers and binaries
☆5,734Mar 19, 2026Updated this week
Alternatives and similar repositories for cosign
Users that are interested in cosign are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Software Supply Chain Transparency Log☆1,100Updated this week
- Sigstore OIDC PKI☆814Updated this week
- Keyless Git signing using Sigstore☆1,067Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆8,541Updated this week
- Common go library shared across sigstore services and clients☆503Updated this week
- A vulnerability scanner for container images and filesystems☆11,769Updated this week
- Unified Policy as Code☆7,516Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆33,205Updated this week
- Build OCI images from APK packages directly without Dockerfile☆1,573Updated this week
- Work with remote images registries - retrieving information, images, signing content☆10,581Mar 16, 2026Updated last week
- Cloud Native Runtime Security☆8,743Updated this week
- Build and deploy Go applications☆8,375Updated this week
- Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security…☆11,250Updated this week
- 🥑 Language focused docker images, minus the operating system.☆22,389Mar 16, 2026Updated last week
- 🐊 Policy Controller for Kubernetes☆4,168Mar 16, 2026Updated last week
- Simple and flexible tool for managing secrets☆21,229Updated this week
- Go library and CLIs for working with container registries☆3,777Mar 16, 2026Updated last week
- Build Container Images In Kubernetes☆15,759Jun 3, 2025Updated 9 months ago
- contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...☆9,931Updated this week
- OCI registry client - managing content like artifacts, images, packages☆2,179Updated this week
- The Cloud Native Control Plane☆11,515Updated this week
- eBPF-based Security Observability and Runtime Enforcement☆4,487Updated this week
- A Kubernetes controller and tool for one-way encrypted Secrets☆8,962Updated this week
- Open Policy Agent (OPA) is an open source, general-purpose policy engine.☆11,344Mar 17, 2026Updated last week
- Supply-chain Levels for Software Artifacts☆1,823Mar 11, 2026Updated last week
- Cost monitoring for Kubernetes workloads and cloud costs☆6,433Updated this week
- eBPF-based Networking, Security, and Observability☆23,983Updated this week
- Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark☆7,982Updated this week
- in-toto is a framework to protect supply chain integrity.☆982Mar 16, 2026Updated last week
- Talos Linux is a modern Linux distribution built for Kubernetes.☆10,085Updated this week
- Automatically provision and manage TLS certificates in Kubernetes☆13,692Updated this week
- Vulnerability Static Analysis for Containers☆10,945Updated this week
- Cluster-wide network observability for Kubernetes. Captures L4 packets, L7 API calls, and decrypted TLS traffic using eBPF, with full Kub…☆11,829Updated this week
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆162Updated this week
- Write tests against structured configuration data using the Open Policy Agent Rego query language☆3,142Mar 14, 2026Updated last week
- A tool that facilitates building OCI images.☆8,677Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source☆5,315Updated this week
- OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors☆10,671Updated this week
- KEDA is a Kubernetes-based Event Driven Autoscaling component. It provides event driven scale for any container running in Kubernetes☆9,992Updated this week