Stars
GUAC aggregates software security metadata into a high fidelity graph database.
Superseded by https://github.com/guacsec/trustify
Tool for collecting vulnerability data from various sources (used to build the grype database)
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
eBPF-based Security Observability and Runtime Enforcement
This repo contains the rust version of the containers/ocicrypt library.
Confidential Containers Guest Tools and Components
Collection of Go packages to work with SPDX files
A utility to generate SPDX-compliant Bill of Materials manifests
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
Encryption libraries for Encrypted OCI Container images
Keyhouse is a skeleton of general-purpose Key Management System written in Rust.
Tornjak is a UI and management layer used for brokering human access to one or more SPIRE deployments
⚖️ The CNCF Technical Oversight Committee (TOC) is the technical governing body of the CNCF Foundation.
contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...
A collection of public resources about how software companies test their software
Simple react component for guitar chord charts with audio
Trusted Service Identity is closing the gap of preventing access to secrets by an untrusted operator during the process of obtaining authorization for data access by the applications running in the…
Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
An implementation of Function-Hiding Inner Product Encryption