sozercan / guac-ai-mole
π₯ Inspect and understand an organization's software supply chain that enables stakeholders to make actionable decisions about software supply chain security
β18Updated 10 months ago
Alternatives and similar repositories for guac-ai-mole:
Users that are interested in guac-ai-mole are comparing it to the libraries listed below
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworksβ31Updated last year
- Visualizer for GUACβ28Updated 3 weeks ago
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for soβ¦β79Updated this week
- Helm Chart for deploying GUACβ14Updated 3 weeks ago
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.β61Updated this week
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.β60Updated this week
- Helm charts for sigstore projectβ70Updated last week
- Example CLI project to demo API architecture and protobom libraryβ20Updated this week
- A CLI tool for creating secure by design/default source repos.β25Updated 6 months ago
- β60Updated 7 months ago
- A place for policy work group related proposals and prototypes.β66Updated last month
- Azure Provider for Notation CLIβ16Updated this week
- OCI Working Group: Reference Typesβ23Updated 2 years ago
- A curated list of awesome CNAB (Cloud Native Applications Bundles) | https://cnab.io/β15Updated 4 years ago
- vexctl is a tool to attest VEX impact statementsβ44Updated last year
- sigstore installation walkthrough, localβ57Updated 9 months ago
- β64Updated 9 months ago
- Kubernetes KMS implementationβ24Updated this week
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable suppβ¦β126Updated last week
- A specification for signing methods and formats used by Secure Systems Lab projects.β72Updated 5 months ago
- Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layoutsβ16Updated this week
- Cross tooling and interoperability specificationsβ162Updated 3 weeks ago
- sigstore the hard way!β110Updated 9 months ago
- Artifact Ratification Framework (CNCF Sandbox)β248Updated this week
- Search Rekor for entriesβ31Updated this week
- This is a Kubernetes controller that watches for changes to a custom resource and syncs the secrets from external secrets-store as Kubernβ¦β28Updated 2 months ago
- Trivy plugin for OCI referrersβ23Updated 9 months ago
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.β43Updated last year
- CLOMonitor is a tool that periodically checks open source projects repositories to verify they meet certain project health best practicesβ121Updated last week
- A CLI used to work with the Wolfi OSS projectβ61Updated this week