in-toto

Here are 9 public repositories matching this topic...

guacsec / guac

GUAC aggregates software security metadata into a high fidelity graph database.

security graph supply-chain vulnerability vex spdx vulnerability-management software-supply-chain supply-chain-analytics sbom attestations in-toto cyclonedx slsa supply-chain-security supply-chain-visibility software-supply-chain-security spdx-sbom cyclonedx-sbom

Updated Apr 16, 2025
Go

chainloop-dev / chainloop

Star

Evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more

security open-source-licensing compliance license spdx attestation devsecops ospo oss-compliance sbom in-toto cyclonedx slsa supply-chain-security sbom-distribution slsa-provenance metadata-platform sbom-discovery regulated-industry

Updated Apr 16, 2025
Go

in-toto / in-toto-golang

Star

A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.

security software-supply-chain in-toto

Updated Apr 16, 2025
Go

argoproj-labs / argocd-interlace

Star

Enabling Software Supply Chain Security Capabilities in ArgoCD

argocd in-toto sigstore software-supply-chain-security

Updated Nov 4, 2022
Go

philips-labs / slsa-provenance-action

Star

Github Action implementation of SLSA Provenance Generation

security provenance software-supply-chain hacktoberfest security-tools github-actions github-action in-toto slsa

Updated Apr 15, 2025
Go

cnabio / signy

Star

Go implementation for CNAB content trust verification using TUF, Notary, and in-toto

cnab tuf notary in-toto

Updated Jul 5, 2023
Go

in-toto / attestation-verifier

Star

Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts

in-toto

Updated Mar 25, 2025
Go

docker / attest

Star

Library to create, verify, and evaluate policy for attestations on container images

oci attestation in-toto rego slsa supply-chain-security the-update-framework

Updated Dec 2, 2024
Go

engineerd / in-toto-container

Star

Programmatically running in-toto verifications in a container

in-toto

Updated Dec 7, 2022
Go

Improve this page

Add a description, image, and links to the in-toto topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the in-toto topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

in-toto

Here are 9 public repositories matching this topic...

guacsec / guac

chainloop-dev / chainloop

in-toto / in-toto-golang

argoproj-labs / argocd-interlace

philips-labs / slsa-provenance-action

cnabio / signy

in-toto / attestation-verifier

docker / attest

engineerd / in-toto-container

Improve this page

Add this topic to your repo