slsa-framework / governance

Related projects ⓘ

Alternatives and complementary repositories for governance

• slsa-framework / slsa-proposals
  SLSA Proposals
  ☆9Updated 9 months ago
• slsa-framework / slsa-jenkins-generator
  A proof-of-concept SLSA provenance generator for Jenkins
  ☆19Updated 3 months ago
• ossf / scorecard-webapp
  Website and API for OpenSSF Scorecard
  ☆22Updated this week
• slsa-framework / azure-devops-demo
  SLSA Azure DevOps Pipelines Extension
  ☆26Updated 3 months ago
• github / actions-oidc-gateway-example
  Example of using Actions OIDC token to proxy into a private network
  ☆91Updated last week
• microsoft / scim
  Supply Chain Integrity Model
  ☆104Updated last year
• omnibor / site
  Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
  ☆21Updated 2 weeks ago
• cloud-gov / caulking
  Prevent leaks with gitleaks, and use tests to validate
  ☆32Updated 2 months ago
• advanced-security / GSSAR
  GitHub Secret Scanning Auto Remediator (GSSAR)
  ☆44Updated last year
• advanced-security / enterprise-security-team
  Manage a uniform team of security managers for every organization in your enterprise
  ☆17Updated 3 months ago
• github / enable-security-alerts-sample
  This repository contains a sample script which can be used to enable security vulnerability alerts in all of the repositories in a given …
  ☆79Updated last month
• defenseunicorns / go-oscal
  Repository for the generation of OSCAL data types
  ☆18Updated this week
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆21Updated last year
• mchmarny / disco
  Utility for bulk image, license, package, and vulnerability discovery in containerize workloads on GCP. Includes CLI and Service with cus…
  ☆13Updated 9 months ago
• sysdiglabs / terraform-provider-sysdig
  Sysdig Terraform provider. Allow to handle Sysdig Secure policies as code.
  ☆49Updated this week
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated 10 months ago
• sigstore / root-signing
  TUF repository for Sigstore trust root
  ☆90Updated this week
• cdfoundation / community-ambassador-program
  CDF Community Ambassador Program: charter, guidelines, application, and meeting details
  ☆17Updated 7 months ago
• SBOMit / specification
  ☆61Updated 4 months ago
• advanced-security / gh-sbom
  Generate SBOMs with gh CLI
  ☆167Updated 2 months ago
• ossf / toolbelt
  ☆18Updated 5 months ago
• ossf / ossf-landscape
  ☆26Updated this week
• google / terraform-google-security-health-checker
  ☆14Updated last year
• ossf / scorecard-monitor
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆32Updated 4 months ago
• githubtraining / saml-implementation-prep
  Resources for preparing to, and implementing SAML with GitHub Enterprise.
  ☆35Updated 3 years ago
• sigstore / community
  General sigstore community repo
  ☆38Updated this week
• ossf / tac
  Technical Advisory Council
  ☆109Updated last week
• sozercan / guac-ai-mole
  🥑 Inspect and understand an organization's software supply chain that enables stakeholders to make actionable decisions about software s…
  ☆17Updated 7 months ago
• slsa-framework / github-actions-demo
  Proof-of-concept SLSA provenance generator for GitHub Actions
  ☆99Updated 2 years ago
• GoogleCloudPlatform / inspec-gcp-pci-profile
  GCP PCI-DSS 3.2.1 InSpec Profile
  ☆18Updated 3 years ago