Projects in Awesome Lists tagged with in-toto

A curated list of projects in awesome lists tagged with in-toto .

• Sort

  • Recently synced
  • Stars

https://github.com/guacsec/guac

GUAC aggregates software security metadata into a high fidelity graph database.

attestations cyclonedx cyclonedx-sbom graph in-toto sbom security slsa software-supply-chain software-supply-chain-security spdx spdx-sbom supply-chain supply-chain-analytics supply-chain-security supply-chain-visibility vex vulnerability vulnerability-management

Last synced: 11 Apr 2025

https://github.com/chainloop-dev/chainloop

Evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more

attestation compliance cyclonedx devsecops in-toto license metadata-platform open-source-licensing ospo oss-compliance regulated-industry sbom sbom-discovery sbom-distribution security slsa slsa-provenance spdx supply-chain-security

Last synced: 07 May 2025

https://github.com/in-toto/in-toto-golang

A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.

in-toto security software-supply-chain

Last synced: 10 Apr 2025

https://github.com/argoproj-labs/argocd-interlace

Enabling Software Supply Chain Security Capabilities in ArgoCD

argocd in-toto sigstore software-supply-chain-security

Last synced: 17 Nov 2024

https://github.com/in-toto/community

in-toto is a framework to secure the software supply chain.

cncf in-toto software-supply-chain software-supply-chain-security

Last synced: 04 Apr 2025

https://github.com/philips-labs/slsa-provenance-action

Github Action implementation of SLSA Provenance Generation

github-action github-actions hacktoberfest in-toto provenance security security-tools slsa software-supply-chain

Last synced: 06 Apr 2025

https://github.com/cnabio/signy

Go implementation for CNAB content trust verification using TUF, Notary, and in-toto

cnab in-toto notary tuf

Last synced: 21 Nov 2024

https://github.com/r3drun3/immunize

Pipeline for patching CVEs in container images 💉📦

container-image copacetic cve docker in-toto oci security-automation security-tools supply-chain-security vulnerability

Last synced: 21 Apr 2025

https://github.com/in-toto/attestation-verifier

Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts

in-toto

Last synced: 17 Dec 2024

https://github.com/docker/attest

Library to create, verify, and evaluate policy for attestations on container images

attestation in-toto oci rego slsa supply-chain-security the-update-framework

Last synced: 01 Apr 2025

https://github.com/pojntfx/uni-supply-chain-paper

A paper on supply chain security in software development for Uni.

chain in-toto modeling supply supply-chain supply-chain-security

Last synced: 12 Dec 2024

https://github.com/danbev/trygg

This is just a experimental project to investigate things related to secure supply chain security.

in-toto opa rust security wasm

Last synced: 21 Feb 2025

https://github.com/simar7/in-toto-rust

an experimental rust implementation of in-toto verifylib

in-toto rust security

Last synced: 01 Apr 2025

https://github.com/angelcamposm/jenkins-shared-library

Jenkins Shared Library

devops devsecops in-toto jenkins jenkins-library mvp poc security slsa-framework slsa-provenance

Last synced: 26 Feb 2025