step-security / ai-codewiseLinks
AI-Powered Code Reviews for Best Practices & Security Issues Across Languages
☆20Updated last year
Alternatives and similar repositories for ai-codewise
Users that are interested in ai-codewise are comparing it to the libraries listed below
Sorting:
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆43Updated last year
- An SBOM query language and associated utilities☆54Updated last year
- Purpose-built security agent for hosted runners☆36Updated last month
- Agile Threat Modeling as Code☆13Updated 2 years ago
- ☆57Updated 3 years ago
- ☆14Updated this week
- Use SQL to instantly query Prometheus metrics, alerts, labels and more. Open source CLI. No DB required.☆18Updated 2 weeks ago
- ☆29Updated last week
- Lambda function for verifying signed images in ECS☆33Updated last year
- Sigstore's Protocol Buffer specifications☆33Updated this week
- Examples, samples, snippets and scripts to use with Steampipe.☆52Updated 11 months ago
- Use SQL to instantly query GCP resources across regions, projects and organizations. Open source CLI. No DB required.☆43Updated 2 weeks ago
- Compare vulnerability scanners results (to make them better!)☆16Updated this week
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆31Updated 2 months ago
- ☆20Updated 2 weeks ago
- Use SQL to instantly query secrets and more from source code. Open source CLI. No DB required.☆17Updated 2 weeks ago
- Steampipe Plugin SDK is a simple abstraction layer to write a Steampipe plugin. Plugins automatically work across all engine types includ…☆37Updated this week
- A draft standard for communicating a cryptographic record of build inputs for software artifacts.☆26Updated 2 months ago
- Static analysis for CloudFormation templates to identify common misconfiguration☆57Updated 3 years ago
- A specification for signing methods and formats used by Secure Systems Lab projects.☆79Updated 9 months ago
- ☆13Updated 2 weeks ago
- Interrogate your GitHub resources with the help of the world's greatest detectives: Powerpipe + Steampipe + Sherlock.☆39Updated 8 months ago
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆63Updated last week
- SBOM Move - Automate build and transfer of SBOMs across systems☆21Updated this week
- Github Action implementation of SLSA Provenance Generation☆48Updated this week
- Transaction Tokens Service☆43Updated last month
- Darkfiles finds orphaned files in container images and makes them to bad deeds☆42Updated 2 years ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆35Updated last month
- BRAVE (Bare Metal Replication And Virtualization Environment)☆39Updated last year
- Linux agent used to submit realtime SBOMs and dependency usage information to EdgeBit☆14Updated 5 months ago