Proof that cilock-action secretscan attestor detects TeamPCP/Trivy-style supply chain attacks. See: testifysec.com/blog/cilock-action-supply-chain-attacks
Stars: 1 | Forks: 0 | Watchers: 1 | Open issues: 0
Commits
c453433  fix: add git+environment attestors to trace job for proper subjects
ce00e7a  fix: wrap trivy CLI directly with cilock run instead of cilock-action
425f217  fix: use trivy-action@v0.35.0 (v-prefixed tag, latest clean release)
aeeda00  feat: wrap real aquasecurity/trivy-action with cilock-action
1991b97  fix: pass subject digest to cilock verify for source-restriction policy
9a5e5e4  feat: add source-restriction OPA policy for github-action attestor
da8b9bb  feat: add perf benchmark jobs comparing npm install with and without trace
2bed29b  fix: add functionaries to trace behavioral policy for Fulcio cert matching
8e27404  test: upgrade to cilock v0.0.4-fix for subjectless collection + attestation-on-failure fixes
6299516  fix: simplify trace policy to single step to isolate verification issue
6062573  fix: use cilock sign to sign trace behavioral policy in CI
346fb5d  fix: re-sign trace behavioral policy with correct DSSE PAE format
013ed58  feat: add trace-based behavioral OPA policy to detect covert credential harvesting
02296a3  feat: add covert attack test with --trace to test ptrace file detection
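One commit above re-signs the trace policy "with correct DSSE PAE format". As an added illustration, not code from this repository or from cilock, the Python below shows what DSSE's pre-authentication encoding (PAE) is and why a verifier rejects an envelope whose signature was computed over the raw payload instead of its PAE. HMAC-SHA256, the shared key and the sample policy document are assumptions that stand in for the project's real asymmetric (Fulcio-backed) signing and its actual policy schema, so the example runs offline.

```python
import base64
import hashlib
import hmac
import json

# Standard DSSE payload type used for in-toto statements and attestation bundles.
IN_TOTO_PAYLOAD_TYPE = "application/vnd.in-toto+json"


def pae(payload_type: str, payload: bytes) -> bytes:
    """DSSE Pre-Authentication Encoding, as defined by the DSSE spec:
    "DSSEv1" SP LEN(type) SP type SP LEN(payload) SP payload,
    where LEN is the ASCII decimal byte length with no leading zeros.
    A DSSE signature is always computed over this, never over the raw payload."""
    type_bytes = payload_type.encode("utf-8")
    return b"DSSEv1 %d %s %d %s" % (len(type_bytes), type_bytes, len(payload), payload)


def _envelope(payload: bytes, sig: bytes, keyid: str, payload_type: str) -> dict:
    """Assemble the JSON envelope shape: payloadType, base64 payload, signatures[]."""
    return {
        "payloadType": payload_type,
        "payload": base64.b64encode(payload).decode("ascii"),
        "signatures": [{"keyid": keyid, "sig": base64.b64encode(sig).decode("ascii")}],
    }


def sign_envelope(payload: bytes, key: bytes, keyid: str,
                  payload_type: str = IN_TOTO_PAYLOAD_TYPE) -> dict:
    """Correct signing: MAC (assumption: HMAC-SHA256 in place of an asymmetric
    signature) over PAE(payloadType, payload)."""
    sig = hmac.new(key, pae(payload_type, payload), hashlib.sha256).digest()
    return _envelope(payload, sig, keyid, payload_type)


def sign_envelope_raw(payload: bytes, key: bytes, keyid: str,
                      payload_type: str = IN_TOTO_PAYLOAD_TYPE) -> dict:
    """The mistake a PAE-related re-sign fixes: signing the raw payload bytes.
    The envelope looks identical but no DSSE verifier will accept it."""
    sig = hmac.new(key, payload, hashlib.sha256).digest()
    return _envelope(payload, sig, keyid, payload_type)


def verify_envelope(envelope: dict, keys: dict) -> list:
    """Return the keyids whose signature verifies over PAE(payloadType, payload).
    Re-deriving the PAE from the envelope's own fields is what binds the signature
    to the declared payloadType and blocks payload-type substitution."""
    payload = base64.b64decode(envelope["payload"])
    message = pae(envelope["payloadType"], payload)
    verified = []
    for entry in envelope["signatures"]:
        key = keys.get(entry["keyid"])
        if key is None:
            continue  # unknown signer: not one of our trusted functionaries
        expected = hmac.new(key, message, hashlib.sha256).digest()
        if hmac.compare_digest(expected, base64.b64decode(entry["sig"])):
            verified.append(entry["keyid"])
    return verified


# Constructed sample input (hypothetical policy content, not cilock's schema).
SAMPLE_POLICY = json.dumps({"name": "trace-behavioral", "steps": ["trace"]}).encode("utf-8")
SAMPLE_KEY = b"example-shared-key"  # constructed; a real deployment uses a cert-bound key
KEYS = {"policy-key": SAMPLE_KEY}


if __name__ == "__main__":
    good = sign_envelope(SAMPLE_POLICY, SAMPLE_KEY, "policy-key")
    bad = sign_envelope_raw(SAMPLE_POLICY, SAMPLE_KEY, "policy-key")
    print("PAE preimage:", pae(IN_TOTO_PAYLOAD_TYPE, SAMPLE_POLICY)[:40], b"...")
    print("signed over PAE verifies as:", verify_envelope(good, KEYS))
    print("signed over raw payload verifies as:", verify_envelope(bad, KEYS))
```

The length prefixes in the PAE are the point: because the type and the body are each framed by their byte length, a signature over the PAE cannot be reused for a different payloadType or for a payload with an extra byte appended, and a signer that skips the PAE step produces an envelope that every conforming verifier rejects, which is exactly what a re-sign is needed to repair.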