Security

GitProtect.io Backup

By xoperosoftware

Fully manageable, most professional repository and metadata backup and recovery

725 installs

BackHub Backups by Rewind

By backhub

Backup your GitHub repos and metadata automatically. Get daily backups that can be restored in seconds – AWS storage available

1.8k installs

GuardRails

By guardrailsio

GuardRails provides continuous security feedback for modern development teams

1.7k installs

Semgrep

By returntocorp

Code scanning at ludicrous speed. Find bugs, apply guardrails across your repos, and get feedback in PRs, Slack, or email

1.3k installs

Cloudback Backup

By cloudback

Backups your GitHub repositories, fast and secure

307 installs

Debricked

By debricked

Automatically identify, fix and prevent vulnerabilities in your open source dependencies

590 installs

Nexploit.app

By NeuraLegion

NexPloit is a Dynamic Application Security scanner powered by Artificial Intelligence (AI) and modern scanning technologies

287 installs

Scantist SCA

By scantist

Proactive vulnerability management and license compliance for your third-party components

302 installs

BluBracket Community Edition

By BluBracket

With the Community Edition, Developers, DevSecOps and AppSec Engrs can quickly detect and monitor for secrets in code

656 installs

HackerOne for GitHub

By Hacker0x01

HackerOne streamlines workflow between security and development to speed response, track GitHub issues and remediate faster

15 installs

SonarCloud Scan

By SonarSource

Scan your code with SonarCloud to detect bugs, vulnerabilities and code smells in more than 25 programming languages.

322 stars

Vault Secrets

By hashicorp

A Github Action that allows you to consume HashiCorp Vault™ secrets as secure environment variables

171 stars

GP Security Scan

By whitesource

Scan packages and Docker images uploaded to GitHub Packages

53 stars

Snyk

By snyk

Check your applications for vulnerabilties using Snyk

148 stars

Sysdig Secure Inline Scan

By sysdiglabs

Perform image analysis on locally built container image and post the result of the analysis to Sysdig Secure

18 stars

Gradle Wrapper Validation

By gradle

Validates Gradle Wrapper JAR Files

131 stars

Kubernetes Security Config Watch

By sysdiglabs

Run security privilege comparison against Kubernetes workloads when a PR is open

19 stars

Sysdig CIS Dockerfile Benchmark

By sysdiglabs

Run CIS Dockerfile benchmark against dockerfiles in repository (CIS 4.1, 4.2, 4.3, 4.6, 4.7, 4.9, 4.10)

8 stars

Secrets Sync Action

By google

Copies secrets from the action's environment to many other repos

195 stars

Checkov GitHub Action

By bridgecrewio

Run Checkov against Terraform/CloudFormation infrastructure code, as a pre-packaged GitHub Action

58 stars