Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Find secrets with Gitleaks 🔑

The easiest, and most secure way to access and protect all of your infrastructure.

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

A Pluggable Terraform Linter

A Mighty CLI for AWS

Interactive Terraform visualization. State and configuration explorer.

Write tests against structured configuration data using the Open Policy Agent Rego query language

Automatically generate Go (golang) struct definitions from example JSON

The SPIFFE Runtime Environment

go-audit is an alternative to the auditd daemon that ships with many distros

Kubernetes History Visualization

GitHub App to set and enforce security policies

A simple HTTP proxy that fogs over naughty URLs

Terraform GitHub provider

A terraform provider to manage objects in a RESTful API

Metrics Pipeline for interoperability and Enterprise Prometheus

A plugin to enforce OPA policies with Envoy

Integrations, examples, and proof-of-concepts that are not part of OPA proper.

A Vault client, but for containers and servers.

Automatically sync groups into Kubernetes RBAC

Use different IAM roles for each Docker container on an EC2 instance

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

Control AWS infrastructure easily from a single command line written in Go

proof-of-concept for recovering the master key from a Hashicorp Vault process