Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free. Learn more →
Top 15 Go cloud-security Projects
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.Project mention: How are you securing your Azure DevOps IaC pipelines? | /r/AZURE | 2023-05-26
Terrascan could also be useful : https://github.com/tenable/terrascan
Automating situational awareness for cloud penetration tests.Project mention: Updates to CloudFox! / CloudFox v1.9.0 | /r/RedSec | 2023-01-11
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
Open-source platform for IT and security teams with thousands of computers. (Linux, macOS, Windows, Chromebooks, AWS, Google Cloud, Azure, data center, containers, IoT) (by fleetdm)Project mention: HashiCorp switching to BSL shows a need for open charter companies | news.ycombinator.com | 2023-08-23
It is indeed early stage. The oldest company is Fleet https://fleetdm.com/ who do open source device management and raised at $100m post in 2022 https://techcrunch.com/2022/04/28/fleet-nabs-20m-to-enable-e...
:cloud: :zap: Granular, Actionable Adversary Emulation for the CloudProject mention: Azure PenTesting tools | /r/AZURE | 2022-12-16
veinmind-tools 是由长亭科技自研，基于 veinmind-sdk 打造的容器安全工具集
All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.Project mention: infra alternatives - paralus and pinniped | libhunt.com/r/infra | 2023-04-07
Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.Project mention: Using "Confidential Computing" with Hetzner? (Intel SGX/TDX, AMD SEV/SNP) | /r/hetzner | 2023-05-16
A lot happening in Europe, Enclaive provides encrypting containers (GitHub), Edgeless Systems provides a whole encrypted k8s with constellation (GitHub), then there are other players like scontain and secustack.
Updating dependencies is time-consuming.. Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free.
The easiest way to access your cloud.Project mention: Granted | /r/devopspro | 2023-05-17
Identity & Access Management simplified and secure.
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.Project mention: Introducing BucketLoot - An Automated Cloud Bucket Inspector | /r/linux | 2023-07-26
A collection of cloud security icons :cloud::lock:Project mention: GitHub - aquasecurity/cloudsec-icons: A collection of cloud security icons | /r/devopsish | 2023-02-13
Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based frameworkProject mention: StackQL Studios - Query, provision, secure & operate cloud resources using SQL | /r/programming | 2023-02-04
Secret management by contract toolchain (by elastic)
sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
Registry for cloud and SaaS providers for StackQL, generated from extensions to the providers OpenAPI3 specificationProject mention: SQL based OpenAPI client for cloud and SaaS providers | news.ycombinator.com | 2023-01-02
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
Go cloud-security related posts
OpenSource Mobile Device Management
1 project | /r/opensource | 26 Jun 2023
Anyone using Fleet? Thoughts?
1 project | /r/msp | 25 May 2023
Using "Confidential Computing" with Hetzner? (Intel SGX/TDX, AMD SEV/SNP)
1 project | /r/hetzner | 16 May 2023
Mögliche Lösungen zu selbstzerstörenden Umgebungen mit einem Trigger
2 projects | /r/de_EDV | 21 Apr 2023
Where are you hosting your Managed Kubernetes and why?
1 project | /r/kubernetes | 5 Mar 2023
Why is K8 an issue when compliances become important for enterprises (HIPAA)
1 project | /r/kubernetes | 2 Mar 2023
Azure PenTesting tools
3 projects | /r/AZURE | 16 Dec 2022
A note from our sponsor - Mergify
blog.mergify.com | 27 Sep 2023
What are some of the best open-source cloud-security projects in Go? This list will help you: