José Miguel Parrella (bureado)

Company: @microsoft + @Azure

Location: Seattle, WA

Home Page: http://jmp.soy

Twitter: @bureado

Organizations
Azure

José Miguel Parrella's starred repositories

chainloop

Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.

Language: Go | License: Apache-2.0 | Stargazers: 320 | Issues: 0

protobom

A universal SBOM representation in protocol buffers

Language: Go | License: Apache-2.0 | Stargazers: 224 | Issues: 0

sealed-secrets

A Kubernetes controller and tool for one-way encrypted Secrets

Language: Go | License: Apache-2.0 | Stargazers: 7243 | Issues: 0

kubesec

Security risk analysis for Kubernetes resources

Language: Go | License: Apache-2.0 | Stargazers: 1169 | Issues: 0

beyla

eBPF-based autoinstrumentation of web applications and network metrics

Language: C | License: Apache-2.0 | Stargazers: 1213 | Issues: 0

package-analysis

Open Source Package Analysis

Language: Go | License: Apache-2.0 | Stargazers: 711 | Issues: 0

wg-best-practices-os-developers

The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.

Language: JavaScript | License: Apache-2.0 | Stargazers: 666 | Issues: 0

blueprint-securesoftwarepipeline

For engineers and security teams driving fast and secure software supply chains

License: Apache-2.0 | Stargazers: 77 | Issues: 0

overlay

Overlay is a browser extension helping developers evaluate open source packages before picking them

Language: JavaScript | License: MIT | Stargazers: 210 | Issues: 0

copacetic

🧵 CLI tool for directly patching container images using reports from vulnerability scanners

Language: Go | License: Apache-2.0 | Stargazers: 818 | Issues: 0

Language: Go | License: GPL-2.0 | Stargazers: 4 | Issues: 0

annotate-registry-artifacts

CLI for adding OCI annotations to existing registry artifacts

Language: Go | Stargazers: 5 | Issues: 0

image-layer-provenance

Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.

Language: Go | License: MIT | Stargazers: 40 | Issues: 0

SecureSoftwareSupplyChain

This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.

License: Apache-2.0 | Stargazers: 135 | Issues: 0

unlocker

⚠️ Replaced by ItalyPaleAle/Revaulter! -- Wrap and unwrap keys using a key vault with admin consent

Language: Go | License: MIT | Stargazers: 8 | Issues: 0

oss-ssc-framework

Open Source Software Secure Supply Chain Framework

License: NOASSERTION | Stargazers: 232 | Issues: 0

OSSGadget

Collection of tools for analyzing open source packages.

Language: C# | License: MIT | Stargazers: 309 | Issues: 0

dotnet

Ubuntu ROCKs for the .NET runtime and family

License: Apache-2.0 | Stargazers: 47 | Issues: 0

Language: Go | License: AGPL-3.0 | Stargazers: 221 | Issues: 0

omega-stracedb

A repository of strace results for lots of packages.

Language: Shell | License: Apache-2.0 | Stargazers: 2 | Issues: 0

template-analyzer

Template scanner for security misconfiguration and best practices

Language: C# | License: MIT | Stargazers: 120 | Issues: 0

security-devops-action

Microsoft Security DevOps for GitHub Actions.

Language: JavaScript | License: MIT | Stargazers: 97 | Issues: 0

Microsoft-Defender-for-Cloud

Welcome to the Microsoft Defender for Cloud community repository

Language: PowerShell | License: MIT | Stargazers: 1633 | Issues: 0

sbom-tool

The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.

Language: C# | License: MIT | Stargazers: 1474 | Issues: 0

DevSkim

DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.

Language: C# | License: MIT | Stargazers: 887 | Issues: 0

draft-birkholz-scitt-architecture

A specification including problem statement, use cases, requirements, and architectural constituents for a Transparency Service in support of Supply Chain Integrity, Transparency, and Trust

Language: Makefile | License: NOASSERTION | Stargazers: 14 | Issues: 0

zas

Most simple static website generator in Golang.

Language: Go | License: AGPL-3.0 | Stargazers: 189 | Issues: 0

linux-package-repositories

Microsoft Packaged Linux Software (DEBs, RPMs, etc) are hosted on packages.microsoft.com (PMC) made available as native Linux repositories for use with package managers like APT, YUM, etc.

Language: Python | License: MIT | Stargazers: 54 | Issues: 0

awesome-software-supply-chain-security

A compilation of resources in the software supply chain security domain, with emphasis on open source

Stargazers: 255 | Issues: 0