Alternatives and similar repositories for trusty-action

Users that are interested in trusty-action are comparing it to the libraries listed below

• CycloneDX / transparency-exchange-api
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆83Updated 2 months ago
• openvex / vexctl
  A tool to create, transform and attest VEX metadata
  ☆153Updated this week
• mindersec / minder
  Software Supply Chain Security Platform
  ☆347Updated last week
• bomctl / bomctl
  Format agnostic SBOM tooling
  ☆116Updated 2 weeks ago
• kondukto-io / kntrl
  kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …
  ☆116Updated 3 months ago
• ossf / security-baseline
  ☆103Updated last week
• interlynk-io / sbommv
  SBOM Move - Automate build and transfer of SBOMs across systems
  ☆23Updated last week
• StacklokLabs / mkp
  MKP is a Model Context Protocol (MCP) server for Kubernetes
  ☆46Updated last week
• ossf / ai-ml-security
  Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security
  ☆106Updated last week
• in-toto / archivista
  Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…
  ☆99Updated this week
• stacklok / frizbee
  Throw a tag at it and it comes back with a checksum.
  ☆149Updated last week
• chainguard-dev / ghscan
  Scan GitHub Actions Workflow logs for IOCs
  ☆15Updated last week
• mchmarny / s3cme
  Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…
  ☆104Updated last year
• bgeesaman / malicious-compliance
  Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"
  ☆67Updated last year
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆232Updated last year
• smithy-security / smithy
  The security workflow engine!
  ☆119Updated this week
• mindersec / minder-rules-and-profiles
  A repository containing example Minder rules and profiles
  ☆23Updated last week
• raesene / Cloud-Native-Security-Talks
  ☆22Updated last month
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆189Updated last week
• opengrep / opengrep-rules
  ☆83Updated 7 months ago
• anchore / grant
  Search an SBOM for licenses and the packages they belong to
  ☆100Updated this week
• protobom / protobom
  A universal SBOM representation in protocol buffers
  ☆298Updated last week
• RedDotRocket / AgentUp
  Portable , scalable , secure AI Agents
  ☆57Updated this week
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious npm and PyPI packages
  ☆158Updated this week
• openvex / spec
  OpenVEX Specification
  ☆156Updated 3 months ago
• CycodeLabs / cimon-action
  Runtime Security Solution for your CI/CD Pipeline
  ☆108Updated 2 months ago
• vishalgarg-sec / Software-Supply-Chain-Security
  A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…
  ☆136Updated last year
• ossf / wg-orbit
  ORBIT: Open Resources for Baselines, Interoperability, and Tooling
  ☆17Updated 2 weeks ago
• stacklok / sigstore-the-hard-way
  sigstore the hard way!
  ☆117Updated 3 weeks ago
• SBOMit / specification
  ☆65Updated last year