About
Category
From the developer
Minder by Stacklok is an open source and extensible platform that helps OSS maintainers and project owners consistently protect their code repos, build pipelines, and artifacts from malicious attacks.
Minder Features
Repository configuration and security
Most development teams have multiple repos—averaging 6x the number of developers. Minder helps you simplify configuration and management of security policies and settings across multiple project repos.
Proactive security enforcement
Continuously enforce security best practices like secret scanning, branch protections, artifact signing and more by setting granular policies to alert or auto-remediate.
Artifact attestation
Make sure your artifacts are tamper-proof by setting a policy to verify that all artifacts are signed using Sigstore, and display signature and verification status for those artifacts.
Dependency and license management
Manage your dependency security posture and supported licenses by helping developers make better choices and enforcing controls. Minder integrates with Trusty to enable policy-driven management based on dependency risk level.
Pricing and setup
Free for open source projects and public repositories
Open Source
Free for open source projects and public repositories
- Unlimited public repositories
- Integration with GitHub Security features
- Custom policies for your organization
- Automatic remediation
Minder by Stacklok is provided by a third-party and is governed by separate privacy policy and support documentation