Top 15 Go cloud-security Projects

• terrascan

  7 4,218 7.2 Go

  Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

  

  Project mention: How are you securing your Azure DevOps IaC pipelines? | /r/AZURE | 2023-05-26

  Terrascan could also be useful : https://github.com/tenable/terrascan

• cloudfox

  2 1,560 10.0 Go

  Automating situational awareness for cloud penetration tests.

  

  Project mention: Updates to CloudFox! / CloudFox v1.9.0 | /r/RedSec | 2023-01-11

• SonarQube

  www.sonarqube.org

  sponsored

  Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

  

• Fleet

  10 1,559 9.8 Go

  Open-source platform for IT and security teams with thousands of computers. (Linux, macOS, Windows, Chromebooks, AWS, Google Cloud, Azure, data center, containers, IoT) (by fleetdm)

  

  Project mention: HashiCorp switching to BSL shows a need for open charter companies | news.ycombinator.com | 2023-08-23

  It is indeed early stage. The oldest company is Fleet https://fleetdm.com/ who do open source device management and raised at $100m post in 2022 https://techcrunch.com/2022/04/28/fleet-nabs-20m-to-enable-e...

• stratus-red-team

  1 1,419 0.0 Go

  :cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

  

  Project mention: Azure PenTesting tools | /r/AZURE | 2022-12-16

  Stratus: https://stratus-red-team.cloud/

• veinmind-tools

  0 1,367 6.2 Go

  veinmind-tools 是由长亭科技自研，基于 veinmind-sdk 打造的容器安全工具集

  

• paralus

  3 831 0.0 Go

  All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.

  

  Project mention: infra alternatives - paralus and pinniped | libhunt.com/r/infra | 2023-04-07

• constellation

  20 750 9.4 Go

  Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.

  

  Project mention: Using "Confidential Computing" with Hetzner? (Intel SGX/TDX, AMD SEV/SNP) | /r/hetzner | 2023-05-16

  A lot happening in Europe, Enclaive provides encrypting containers (GitHub), Edgeless Systems provides a whole encrypted k8s with constellation (GitHub), then there are other players like scontain and secustack.

• Mergify

  blog.mergify.com

  sponsored

  Updating dependencies is time-consuming.. Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free.

  

• granted

  7 655 0.0 Go

  The easiest way to access your cloud.

  

  Project mention: Granted | /r/devopspro | 2023-05-17

• iamzero

  0 232 0.0 Go

  Identity & Access Management simplified and secure.

  

• BucketLoot

  2 225 10.0 Go

  BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

  

  Project mention: Introducing BucketLoot - An Automated Cloud Bucket Inspector | /r/linux | 2023-07-26

• cloudsec-icons

  1 175 10.0 Go

  A collection of cloud security icons :cloud::lock:

  

  Project mention: GitHub - aquasecurity/cloudsec-icons: A collection of cloud security icons | /r/devopsish | 2023-02-13

• stackql

  3 147 10.0 Go

  Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework

  

  Project mention: StackQL Studios - Query, provision, secure & operate cloud resources using SQL | /r/programming | 2023-02-04

• harp

  0 142 0.0 Go

  Secret management by contract toolchain (by elastic)

  

• sgCheckup

  0 80 0.0 Go

  sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.

  

• stackql-provider-registry

  1 20 10.0 Go

  Registry for cloud and SaaS providers for StackQL, generated from extensions to the providers OpenAPI3 specification

  

  Project mention: SQL based OpenAPI client for cloud and SaaS providers | news.ycombinator.com | 2023-01-02

• InfluxDB

  www.influxdata.com

  sponsored

  Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.

  

Go cloud-security related posts

• OpenSource Mobile Device Management
  1 project | /r/opensource | 26 Jun 2023
• Anyone using Fleet? Thoughts?
  1 project | /r/msp | 25 May 2023
• Using "Confidential Computing" with Hetzner? (Intel SGX/TDX, AMD SEV/SNP)
  1 project | /r/hetzner | 16 May 2023
• Mögliche Lösungen zu selbstzerstörenden Umgebungen mit einem Trigger
  2 projects | /r/de_EDV | 21 Apr 2023
• Where are you hosting your Managed Kubernetes and why?
  1 project | /r/kubernetes | 5 Mar 2023
• Why is K8 an issue when compliances become important for enterprises (HIPAA)
  1 project | /r/kubernetes | 2 Mar 2023
• Azure PenTesting tools
  3 projects | /r/AZURE | 16 Dec 2022
• A note from our sponsor - Mergify
  blog.mergify.com | 27 Sep 2023

  Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free. Learn more →

Index

Sponsored

Collect and Analyze Billions of Data Points in Real Time

Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.

www.influxdata.com

Do not miss the trending Go projects with our weekly report!