Go cloud-security

Open-source Go projects categorized as cloud-security

Top 15 Go cloud-security Projects

  • terrascan

    Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

    Project mention: How are you securing your Azure DevOps IaC pipelines? | /r/AZURE | 2023-05-26

    Terrascan could also be useful : https://github.com/tenable/terrascan

  • cloudfox

    Automating situational awareness for cloud penetration tests.

    Project mention: Updates to CloudFox! / CloudFox v1.9.0 | /r/RedSec | 2023-01-11
  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

  • Fleet

    Open-source platform for IT and security teams with thousands of computers. (Linux, macOS, Windows, Chromebooks, AWS, Google Cloud, Azure, data center, containers, IoT) (by fleetdm)

    Project mention: HashiCorp switching to BSL shows a need for open charter companies | news.ycombinator.com | 2023-08-23

    It is indeed early stage. The oldest company is Fleet https://fleetdm.com/ who do open source device management and raised at $100m post in 2022 https://techcrunch.com/2022/04/28/fleet-nabs-20m-to-enable-e...

  • stratus-red-team

    :cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

    Project mention: Azure PenTesting tools | /r/AZURE | 2022-12-16

    Stratus: https://stratus-red-team.cloud/

  • veinmind-tools

    veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集

  • paralus

    All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.

    Project mention: infra alternatives - paralus and pinniped | libhunt.com/r/infra | 2023-04-07
  • constellation

    Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.

    Project mention: Using "Confidential Computing" with Hetzner? (Intel SGX/TDX, AMD SEV/SNP) | /r/hetzner | 2023-05-16

    A lot happening in Europe, Enclaive provides encrypting containers (GitHub), Edgeless Systems provides a whole encrypted k8s with constellation (GitHub), then there are other players like scontain and secustack.

  • Mergify

    Updating dependencies is time-consuming.. Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free.

  • granted

    The easiest way to access your cloud.

    Project mention: Granted | /r/devopspro | 2023-05-17
  • iamzero

    Identity & Access Management simplified and secure.

  • BucketLoot

    BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

    Project mention: Introducing BucketLoot - An Automated Cloud Bucket Inspector | /r/linux | 2023-07-26
  • cloudsec-icons

    A collection of cloud security icons :cloud::lock:

    Project mention: GitHub - aquasecurity/cloudsec-icons: A collection of cloud security icons | /r/devopsish | 2023-02-13
  • stackql

    Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework

    Project mention: StackQL Studios - Query, provision, secure & operate cloud resources using SQL | /r/programming | 2023-02-04
  • harp

    Secret management by contract toolchain (by elastic)

  • sgCheckup

    sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.

  • stackql-provider-registry

    Registry for cloud and SaaS providers for StackQL, generated from extensions to the providers OpenAPI3 specification

    Project mention: SQL based OpenAPI client for cloud and SaaS providers | news.ycombinator.com | 2023-01-02
  • InfluxDB

    Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-08-23.

Go cloud-security related posts


What are some of the best open-source cloud-security projects in Go? This list will help you:

Project Stars
1 terrascan 4,218
2 cloudfox 1,560
3 Fleet 1,559
4 stratus-red-team 1,419
5 veinmind-tools 1,367
6 paralus 831
7 constellation 750
8 granted 655
9 iamzero 232
10 BucketLoot 225
11 cloudsec-icons 175
12 stackql 147
13 harp 142
14 sgCheckup 80
15 stackql-provider-registry 20
Collect and Analyze Billions of Data Points in Real Time
Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.