xeol-io / xeolLinks
A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs
☆416Updated last week
Alternatives and similar repositories for xeol
Users that are interested in xeol are comparing it to the libraries listed below
Sorting:
- Evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more☆505Updated this week
- Evaluate source control (GitHub) security posture☆251Updated 2 years ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆498Updated this week
- Inspect certificate authorities in container images☆238Updated last week
- boostsecurityio/poutine☆339Updated 2 weeks ago
- An open source, cloud-native security to protect everything from build to runtime☆322Updated this week
- SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor…☆187Updated last week
- A security layer for Git repositories☆553Updated this week
- Open source compliance tool for development platforms.☆288Updated last year
- Enrich SBOMs with data from third party services☆196Updated last month
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆112Updated last week
- Validate the isolation posture of your container environment.☆301Updated 2 months ago
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆233Updated last week
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆815Updated 6 months ago
- Generate a score for your sbom to understand if it will actually be useful.☆234Updated last year
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆246Updated last week
- (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆92Updated last month
- Chalk allows you to follow code from development, through builds and into production.☆408Updated last week
- A license scanner for container images and filesystems.☆110Updated last week
- ForgeMT is a secure, scalable GitHub Actions runner platform for ephemeral workloads. Designed for multi-tenant environments, it automate…☆193Updated this week
- open source, cloud-native, graph-based asset inventory☆374Updated this week
- Runtime Security Solution for your CI/CD Pipeline☆110Updated 4 months ago
- CI/CD Security Analyzer☆675Updated 8 months ago
- BadRobot - Operator Security Audit Tool☆223Updated last week
- A universal SBOM representation in protocol buffers☆303Updated last week
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati…☆170Updated 9 months ago
- The security workflow engine!☆126Updated last week
- Notice: Postee is no longer under active development or maintenance.☆208Updated last month
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆896Updated last week
- A tool to create, transform and attest VEX metadata☆160Updated last week