stacklok / trusty-actionLinks
Trusty Dependency Risk Action
☆10Updated 8 months ago
Alternatives and similar repositories for trusty-action
Users that are interested in trusty-action are comparing it to the libraries listed below
Sorting:
- A standard API specification for exchanging supply chain artifacts and intelligence☆88Updated 3 weeks ago
- Format agnostic SBOM tooling☆117Updated last week
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages☆168Updated last week
- Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security☆114Updated last week
- The security workflow engine!☆125Updated last week
- A repository containing example Minder rules and profiles☆24Updated last week
- Runtime Security Solution for your CI/CD Pipeline☆110Updated 4 months ago
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …☆120Updated last month
- ☆93Updated 9 months ago
- Scan GitHub Actions Workflow logs for IOCs☆15Updated 3 weeks ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆498Updated last week
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆137Updated last year
- SBOM Move - Automate build and transfer of SBOMs across systems☆25Updated this week
- Takes a software bill of materials and outputs provenance, and activity data from trustypkg.dev☆11Updated 5 months ago
- A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or art…☆61Updated 2 weeks ago
- A universal SBOM representation in protocol buffers☆303Updated last week
- A tool to create, transform and attest VEX metadata☆161Updated this week
- ☆22Updated 3 months ago
- Portable , scalable , secure AI Agents☆78Updated this week
- FastLLM - Blazingly Fast Rust based LLM Inference API 🚀☆17Updated last month
- A security tool designed to help review merged code changes to open source maintained repositories via LLM assisted review to safeguard a…☆31Updated last year
- ☆123Updated last week
- Precaution CLI - command line static application security testing tool☆26Updated last week
- Browser based Privacy Aware SBoM Exploration☆15Updated last week
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆103Updated last year
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…☆201Updated 3 weeks ago
- ☆112Updated this week
- Pentester-focused Docker registry tool to enumerate and pull images☆35Updated last week
- This repository contains a SonarQube Plugin that detects cryptographic assets in source code and generates CBOM.☆45Updated this week
- sbomify is a product security artifact management platform.☆36Updated this week