|6 days ago||6 days ago|
|Apache License 2.0||GNU General Public License v3.0 or later|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
How to automate certificate renewal with Azure Key vault?
2 projects | /r/kubernetes | 21 Nov 2022
If this seems a bit complicated, you could use SPIRE server to issue certificates and Otterize SPIRE integration operator to renew them in Kubernetes and update Secrets.
What are the most important metrics for measuring cloud and endpoint security?
5 projects | /r/cybersecurity | 5 Dec 2021
BlindSPOT: https://blindspotsec.com/ Specific graphic from BlindSPOT: https://blindspotsec.com/wp-content/uploads/2021/04/Failure_Before.jpg How to Measure Anything in Cybersecurity Risk: https://www.amazon.com/dp/B01J4XYM16/ Monte Carlo simulation approach: https://embracethered.com/blog/posts/2020/red-teaming-and-monte-carlo-simulations/ D3FEND: https://d3fend.mitre.org/ ATT&CK mappings: https://github.com/center-for-threat-informed-defense/attack-control-framework-mappings ATT&CK evals: https://attackevals.mitre-engenuity.org/index.html CALDERA: https://github.com/mitre/caldera Offensive Countermeasures: https://www.amazon.com/dp/1974671690/ SPIFFE: https://spiffe.io/ SPIRE: https://github.com/spiffe/spire Zerotier: https://www.zerotier.com/ Zerotier libzt: https://github.com/zerotier/libzt
We haven't tracked posts mentioning in-toto-golang yet.
Tracking mentions began in Dec 2020.
What are some alternatives?
spiffe-vault - Integrates Spiffe and Vault to have secretless authentication
cosign - Container Signing
slsa-provenance-action - Github Action implementation of SLSA Provenance Generation
fosite - Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.
tfsec - Security scanner for your Terraform code
libzt - Encrypted P2P sockets over ZeroTier
Vault - A tool for secrets management, encryption as a service, and privileged access management
tfsec - Security scanner for your Terraform code [Moved to: https://github.com/aquasecurity/tfsec]
trasa - Zero Trust Service Access
attack-control-framework-mappings - Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.