Stars
Takes a software bill of materials and outputs provenance and activity data from trustypkg.dev
Action for generating attestations for workflow artifacts
Verify Sigstore Gitsign commit signatures
Blazing fast Neovim framework providing solid defaults and a beautiful UI, enhancing your neovim experience.
Simple plug-and-play GitHub Action to block unauthorized outbound traffic (egress) in your GitHub workflows
Helm charts for verifying artifact attestations in Kubernetes
Temporary GitHub managed Sigstore Policy Controller fork
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…
sigstore helm-charts and build scripts opinionated for running on OCP and RHEL
OpenSSF Scorecard - Security health metrics for Open Source
A tool for exploring each layer in a docker image
The Kubernetes Security Profiles Operator
kubectl plugin for signing Kubernetes manifest YAML files with sigstore
Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.
GitHub Action implementation of SLSA Provenance Generation
Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supply-chain metadata from cosign
Supply-chain Levels for Software Artifacts
A set of Python command line tools for working with SARIF files produced by code analysis tools
An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster
Code signing and transparency for containers and binaries