Alternatives and similar repositories for cosign

Users that are interested in cosign are comparing it to the libraries listed below

• anchore / syft
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems
  ☆7,455Updated this week
• google / go-containerregistry
  Go library and CLIs for working with container registries
  ☆3,462Updated this week
• chainguard-dev / apko
  Build OCI images from APK packages directly without Dockerfile
  ☆1,400Updated this week
• open-policy-agent / conftest
  Write tests against structured configuration data using the Open Policy Agent Rego query language
  ☆3,022Updated last week
• falcosecurity / falco
  Cloud Native Runtime Security
  ☆8,158Updated last week
• stackrox / kube-linter
  KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adh…
  ☆3,252Updated this week
• goodwithtech / dockle
  Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
  ☆2,986Updated 7 months ago
• aquasecurity / kube-bench
  Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
  ☆7,638Updated last week
• open-policy-agent / gatekeeper
  🐊 Policy Controller for Kubernetes
  ☆3,962Updated last week
• slsa-framework / slsa
  Supply-chain Levels for Software Artifacts
  ☆1,707Updated 2 weeks ago
• buildpacks / pack
  CLI for building apps using Cloud Native Buildpacks
  ☆2,773Updated this week
• derailed / popeye
  👀 A Kubernetes cluster resource sanitizer
  ☆5,977Updated last week
• aquasecurity / starboard
  Superseded by https://github.com/aquasecurity/trivy-operator
  ☆1,367Updated last week
• zegl / kube-score
  Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in …
  ☆2,942Updated this week
• containers / skopeo
  Work with remote images registries - retrieving information, images, signing content
  ☆9,556Updated this week
• spiffe / spire
  The SPIFFE Runtime Environment
  ☆2,017Updated this week
• containerd / nerdctl
  contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...
  ☆9,199Updated this week
• cilium / tetragon
  eBPF-based Security Observability and Runtime Enforcement
  ☆4,093Updated this week
• opencost / opencost
  Cost monitoring for Kubernetes workloads and cloud costs
  ☆5,974Updated this week
• aquasecurity / kube-hunter
  Hunt for security weaknesses in Kubernetes clusters
  ☆4,926Updated last year
• siderolabs / talos
  Talos Linux is a modern Linux distribution built for Kubernetes.
  ☆8,489Updated this week
• anchore / grype
  A vulnerability scanner for container images and filesystems
  ☆10,418Updated this week
• sigstore / rekor
  Software Supply Chain Transparency Log
  ☆991Updated last week
• hashicorp / boundary
  Boundary enables identity-based access management for dynamic infrastructure.
  ☆3,944Updated this week
• oras-project / oras
  OCI registry client - managing content like artifacts, images, packages
  ☆1,856Updated this week
• cilium / hubble
  Hubble - Network, Service & Security Observability for Kubernetes using eBPF
  ☆3,894Updated last week
• Checkmarx / kics
  Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…
  ☆2,439Updated this week
• aquasecurity / tracee
  Linux Runtime Security and Forensics using eBPF
  ☆4,000Updated this week
• controlplaneio / kubesec
  Security risk analysis for Kubernetes resources
  ☆1,381Updated last week
• bitnami-labs / sealed-secrets
  A Kubernetes controller and tool for one-way encrypted Secrets
  ☆8,459Updated last week