Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 15 Go cloud-security Projects
-
terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
-
Fleet
Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center) (by fleetdm)
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
constellation
Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.
-
stackql
Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework
-
BucketLoot
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
-
sgCheckup
sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
-
stackql-provider-registry
Registry for cloud and SaaS providers for StackQL, generated from extensions to the providers OpenAPI3 specification
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons | dev.to | 2024-04-16Terrascan Owner/Maintainer: Tenable (acquired in 2022) Age: First release on GitHub on November 28th, 2017 License: Apache License 2.0
Project mention: Osquery: An sqlite3 virtual table exposing operating system data to SQL | news.ycombinator.com | 2024-02-25Yo! We're working on the fix. You can track progress here: https://github.com/fleetdm/fleet/issues/17165
Project mention: Ask HN: How do you manage many profiles and credentials for cloud tooling? | news.ycombinator.com | 2023-10-03You're going to love https://granted.dev. It can be extended further, as we've done internally: https://www.duckbillgroup.com/blog/overhauling-aws-account-a...
Project mention: Using "Confidential Computing" with Hetzner? (Intel SGX/TDX, AMD SEV/SNP) | /r/hetzner | 2023-05-16A lot happening in Europe, Enclaive provides encrypting containers (GitHub), Edgeless Systems provides a whole encrypted k8s with constellation (GitHub), then there are other players like scontain and secustack.
Like Steampipe's revolutionary approach, StackQL harnesses the power of SQL to query your resources seamlessly. Moreover, it empowers you to utilize SQL syntax for querying and creating resources.
Project mention: Open source S3 bucket scanner for secrets and assets | news.ycombinator.com | 2023-10-11
Project mention: Unified analytics and IaC framework for cloud, IdP, and SaaS providers using SQL | news.ycombinator.com | 2023-10-06Hi HN, we have an open-source project called StackQL which can be used for CSPM, cross-provider UAM/entitlements reporting, inventory analysis, and finops across different public cloud and SaaS providers; see https://github.com/stackql/stackql-provider-registry. In addition, StackQL can be used for IaC (across different cloud providers), including multi-cloud transaction and rollback capability, which we are building out. Can be used standalone (in exec or server mode running a postgres wire protocol server) or using Docker, Python, Jupyter, within GitHub Actions (incl https://github.com/marketplace/actions/stackql-studios-stack... and https://github.com/marketplace/actions/stackql-studios-stack...) and more.
The project can also be used with a private registry (API provider) as an application query interface - like GraphQL - except using SQL statements and transformations (including scalar and aggregate functions, joins, unions, and table-valued functions - see https://github.com/stackql/stackql-middleware and https://github.com/stackql/stackql-playground.
We are looking for contributors!! The core project is written in Golang with tests implemented using the Robot framework and Python. We have about 40 related repos in our org, spanning Python, Jupyter, JavaScript/TypeScript (Deno and NodeJS). Let us know what you think!
Go cloud-security related posts
- Acquisitions lead to struggles for Windows and Linux device management
- Unified analytics and IaC framework for cloud, IdP, and SaaS providers using SQL
- OpenSource Mobile Device Management
- Anyone using Fleet? Thoughts?
- Using "Confidential Computing" with Hetzner? (Intel SGX/TDX, AMD SEV/SNP)
- Mögliche Lösungen zu selbstzerstörenden Umgebungen mit einem Trigger
- Where are you hosting your Managed Kubernetes and why?
-
A note from our sponsor - InfluxDB
www.influxdata.com | 25 Apr 2024
Index
What are some of the best open-source cloud-security projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | terrascan | 4,494 |
2 | Fleet | 2,117 |
3 | cloudfox | 1,794 |
4 | stratus-red-team | 1,618 |
5 | veinmind-tools | 1,469 |
6 | paralus | 930 |
7 | granted | 888 |
8 | constellation | 867 |
9 | stackql | 433 |
10 | BucketLoot | 334 |
11 | iamzero | 236 |
12 | cloudsec-icons | 178 |
13 | harp | 143 |
14 | sgCheckup | 82 |
15 | stackql-provider-registry | 21 |
Sponsored