Stars
A place for the InfoSec community to share and celebrate real stories of organizations successfully using SBOMs (and other bills of material) to actually manage and reduce security risk in meaningf…
Resolve production issues, fast. An open source observability platform unifying session replays, logs, metrics, traces and errors powered by ClickHouse and OpenTelemetry.
Resources to help vulnerability scanners
OpenTofu lets you declaratively manage your cloud infrastructure.
The Finch CLI is an open source client for container development
A universal SBOM representation in protocol buffers
A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar
Cloud cost estimates for Terraform in pull requests💰📉 Shift FinOps Left!
Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.
StackGres Operator, Full Stack PostgreSQL on Kubernetes // !! Mirror repository of https://gitlab.com/ongresinc/stackgres, only accept Merge Requests there.
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
A utility to generate SPDX-compliant Bill of Materials manifests
Main package repository for production Wolfi images
Code signing and transparency for containers and binaries
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.
Kubernetes tools in a "distroless" container
Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supply-chain metadata from cosign
A reading list for software supply-chain security.