Search Results for "risk"
Sort By:
Showing 26 open source projects for "risk"
View related business solutions-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
Mattermost
Mattermost is an open source platform for secure collaboration
... with popular technical tools like GitHub, GitLab and ServiceNow. Seamlessly switch from chat to audio calls and screenshare without switching tools. Checklist-based process playbooks with workflow orchestration in one unified location. Orchestrate and execute repeatable processes with better command. Accelerate productivity and reduce risk without sacrificing security. -
2
StackRox Kubernetes
Performs a risk analysis of the container environment
The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment. StackRox integrates with every stage of the container lifecycle: build, deploy and runtime. The StackRox Kubernetes Security platform is built on the foundation of the product formerly known as Prevent, which itself was called Mitigate and Apollo. You may find references... -
3
Portainer.io
Making Docker and Kubernetes management easy
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. It is designed to be as simple to deploy as it is to use. The application allows you to manage all your orchestrator resources (containers, images, volumes, networks and more) through a ‘smart’ GUI and/or an extensive API. Portainer consists of a single container that can run on any cluster. It can be deployed as a... -
4
Boulder
An ACME-based certificate authority, written in Go
... at greater risk of compromise. The Registration Authority can live without Internet connectivity, but still needs to talk to the Web Front End and Validation Authority. The Certificate Authority need only receive instructions from the Registration Authority. All components talk to the SA for storage. Internally, the logic of the system is based around five types of objects: accounts, authorizations, challenges, orders (for ACME v2) and certificates. -
Simple, Secure Domain RegistrationRegister or renew your domain and pay only what we pay. No markups, hidden fees, or surprise add-ons. Choose from over 400 TLDs (.com, .ai, .dev). Every domain is integrated with Cloudflare's industry-leading DNS, CDN, and free SSL to make your site faster and more secure. Simple, secure, at-cost domain registration.
-
5
Terrascan
Detect compliance and security violations across Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terracan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. It leverages... -
6
Capslock
Tool to remap Caps Lock key behavior on Windows systems
..., giving developers visibility into what their dependencies are capable of doing. This helps apply the Principle of Least Privilege to Go software, guiding audits, supply chain reviews, and trust assessments. Capslock aims to make security posture analysis more proactive by surfacing capability-based risk signals before malicious or overly powerful code is introduced into production. -
7
Chainlink
node of the decentralized oracle network
... with existing systems, and integrate with any current or future blockchain. Integrate pre-built, time-tested oracle solutions that already secure tens of billions in smart contract value for market-leading decentralized applications. Use a decentralized network of Chainlink Automation nodes to automate contracts, mitigating risk of manual interventions and centralized servers. -
8
NATS
Server for NATS.io, the cloud and edge native messaging system
With flexible deployments models using clusters, superclusters, and leaf nodes, optimize communications for your unique deployment. The NATS Adaptive Edge Architecture allows for a perfect fit for unique needs to connect devices, edge, cloud or hybrid deployments. With true multi-tenancy, securely isolate and share your data to fully meet your business needs, mitigating risk and achieving faster time to value. Security is bifurcated from topology, so you can connect anywhere in a deployment... -
9
SecretScanner
Find secrets and passwords in container images and file systems
Deepfence SecretScanner can find unprotected secrets in container images or file systems. Secrets are any kind of sensitive or private data that gives authorized users permission to access critical IT infrastructure (such as accounts, devices, networks, cloud based services), applications, storage, databases, and other kinds of critical data for an organization. For example, passwords, AWS access IDs, AWS secret access keys, Google OAuth Key etc. are secrets. Secrets should be strictly kept... -
Powering the best of the internet | FastlyEnsure your websites, applications and services can effortlessly handle the demands of your users with Fastly. Fastly’s portfolio is designed to be highly performant, personalized and secure while seamlessly scaling to support your growth.
-
10
flagger
Progressive delivery Kubernetes operator (Canary, A/B Testing)
Flagger is a progressive delivery tool that automates the release process for applications running on Kubernetes. It reduces the risk of introducing a new software version in production by gradually shifting traffic to the new version while measuring metrics and running conformance tests. Flagger implements several deployment strategies (Canary releases, A/B testing, Blue/Green mirroring) using a service mesh (App Mesh, Istio, Linkerd, Kuma, Open Service Mesh) or an ingress controller (Contour... -
11
Stacklok Minder
Software Supply Chain Security Platform
Minder by Stacklok is an open source platform that helps development teams and open source communities build more secure software, and prove to others that what they’ve built is secure. Minder helps project owners proactively manage their security posture by providing a set of checks and policies to minimize risk along the software supply chain and attest their security practices to downstream consumers. Minder allows users to enroll repositories and define policies to ensure repositories... -
12
Kubescape
Kubescape is an open-source Kubernetes security platform for your IDE
... an in-depth view of what is going on in the cluster. Kubescape includes misconfiguration and vulnerability scanning as well as risk analysis and security compliance indicators. All results are presented in context and users get many cues on what to do based on scan results. Targeted at the DevSecOps practitioner or platform engineer, it offers an easy-to-use CLI interface, flexible output formats, and automated scanning capabilities. -
13
Komiser
Cloud environment inspector
.... Control your usage and create visibility across all used services to achieve maximum cost-effectiveness. Govern a secure and compliant environment by detecting potential vulnerabilities that could put your cloud environment at risk. Ask your manager or marketing team if your company would be interested in supporting our project. -
14
Inbucket
Disposable webmail server (similar to Mailinator) with built in SMTP
... to demonstrate an email without sharing your Gmail password, and load testing your application without overwhelming your corporate Exchange server. You can use production data in your test environment without the risk of test messages leaking to an end user, and preview emails in multiple desktop email clients. Use Inbucket for all these needs and more. -
15
NATS Go Client
Golang client for NATS, the cloud native messaging system
With flexible deployment models using clusters, superclusters, and leaf nodes, optimize communications for your unique deployment. The NATS Adaptive Edge Architecture allows for a perfect fit for unique needs to connect devices, edge, cloud or hybrid deployments. With true multi-tenancy, securely isolate and share your data to fully meet your business needs, mitigating risk and achieving faster time to value. Security is bifurcated from topology, so you can connect anywhere in deployment... -
16
Kubernetes Dashboard
General-purpose web UI for Kubernetes clusters
... and graphs to be available. Make sure that you know what you are doing before proceeding. Granting admin privileges to Dashboard's Service Account might be a security risk. In most cases after provisioning cluster using kops, kubeadm or any other popular tool, the ClusterRole cluster-admin already exists in the cluster. We can use it and create only ClusterRoleBinding for our ServiceAccount. If it does not exist then you need to create this role first and grant required privileges manually. -
17
Reviewpad
Next generation pull requests and issues
... and that goal is what has driven our work at Reviewpad. At the core of this experience is security – developers should be able to go faster without increasing the risk of introducing changes that can hurt their products, users, and organizations. -
18
bluemonday
Fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer
... to mitigate the risk is to sanitize user input against a known safe list of HTML elements and attributes. If you use blackfriday or Pandoc then bluemonday should be run after these steps. This ensures that no insecure HTML is introduced later in your process. Allowlist based, you need to either build a policy describing the HTML elements and attributes to permit. -
19
Pget
The fastest, resumable file download client
Multi-Connection Download using parallel requests. This program comes with no warranty. You must use this program at your own risk. -
20
Amazon EC2 Spot Interrupter
CLI tool that triggers Amazon EC2 Spot Interruption Notifications
... Notifications, Rebalance Recommendation Events are sent to spot instances that are at higher risk of being interrupted. Handling Rebalance Recommendations can potentially give your application even more time to gracefully shutdown than the 2 minutes an Interruption Notification would give you. It can be challenging to test your application's handling of Spot Interruption Notifications and Rebalance Recommendations. -
21
Twirp
A simple RPC framework with protobuf service definitions
Twirp is a simple RPC framework built on protobuf. You define a service in a .proto specification file, then Twirp will generate servers and clients for that service. It's your job to fill in the "business logic" that powers the server, and then generated clients can consume your service straight away. Twirp routing and serialization reduces the risk of introducing bugs. Both JSON and Protobuf are supported. The Protobuf protocol is designed to allow backwards compatible changes (unlike JSON... -
22
Kelp
Kelp is a free and open-source trading bot for the Stellar DEX
... control over the bot. Whenever you trade on Stellar, you are trading with volatile assets, in volatile markets, and you risk losing money. Kelp is experimental software that contains bugs. Use Kelp at your own risk. There is no guarantee you'll make a profit from using our bots or strategies. In fact, if you set bad parameters or market conditions to change, Kelp might help you lose money very fast. So be smart and go slow. -
23
pcp - Peer Copy
Command line peer-to-peer data transfer tool based on libp2p
... to serve and whom not, etc. Further, as this recent issue in croc shows, this is a real risk for the sustainable operation of the provided service. -
24
Go Safe Web
Secure-by-default HTTP servers in Go
go-safeweb is a security-focused HTTP framework for Go that bakes in secure defaults so common web vulnerabilities are harder to introduce. Instead of leaving headers and policies to ad-hoc middleware, it sets Content Security Policy, X-Frame-Options, and other protections by default, and centralizes template escaping rules. Request handling emphasizes principled APIs for parsing and validating input, reducing the risk of injection and deserialization bugs. The framework’s routing and response... -
25
Kafka-Pixy
gRPC/REST proxy for Kafka
..., therefore it needs to talk to Zookeeper directly to manage consumer group membership. Kafka-Pixy does not support wildcard subscriptions and therefore cannot coexist in a consumer group with clients using them. It should be possible to use other clients in the same consumer group as kafka-pixy instance if they subscribe to topics by their full names, but that has never been tested so do that at your own risk.