awesome-repositories.com
المدونة
awesome-repositories.com

اكتشف أفضل مستودعات المصادر المفتوحة باستخدام بحث مدعوم بالذكاء الاصطناعي.

استكشفعمليات بحث منسقةبدائل مفتوحة المصدربرمجيات ذاتية الاستضافةالمدونةخريطة الموقع
المشروعحولكيفية ترتيب النتائجالصحافةخادم MCP
قانونيالخصوصيةالشروط
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

11 مستودعات

Awesome GitHub RepositoriesMicroservices Security

Defense-in-depth for distributed architectures.

Distinguishing note: Focuses on service-to-service security in distributed systems.

Explore 11 awesome GitHub repositories matching security & cryptography · Microservices Security. Refine with filters or upvote what's useful.

Awesome Microservices Security GitHub Repositories

اعثر على أفضل المستودعات باستخدام الذكاء الاصطناعي.سنبحث عن أفضل المستودعات المطابقة باستخدام الذكاء الاصطناعي.
  • owasp/cheatsheetseriesالصورة الرمزية لـ OWASP

    OWASP/CheatSheetSeries

    32,298عرض على GitHub↗

    The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral

    Applies defense-in-depth principles to ensure individual services remain protected.

    Pythonapplication-securityappsecbest-practices
    عرض على GitHub↗32,298
  • grpc/grpc-goالصورة الرمزية لـ grpc

    grpc/grpc-go

    22,962عرض على GitHub↗

    grpc-go is a Go language implementation of the gRPC framework, providing a remote procedure call library for high-performance service communication. It uses the HTTP/2 protocol to execute functions on remote servers as if they were local methods and utilizes protobuf service bindings to generate type-safe client and server code. The project features a bidirectional streaming transport that supports asynchronous, full-duplex message streams between clients and servers. This networking layer allows for various communication patterns, including client-to-server and server-to-client streaming, to

    Secures service-to-service communication in distributed architectures using transport layer security.

    Godogs-over-catsgiant-robotsgo
    عرض على GitHub↗22,962
  • dromara/sa-tokenالصورة الرمزية لـ dromara

    dromara/Sa-Token

    18,626عرض على GitHub↗

    Sa-Token is a Java-based authentication and authorization framework designed to manage user sessions, permissions, and identity verification within web applications and microservice architectures. It provides a centralized security layer that enforces access control policies and identity validation across distributed service environments and API gateways. The framework distinguishes itself through its support for cross-domain single sign-on and its ability to function as an OAuth2 identity provider. It manages user session lifecycles by applying configurable rules for single or multi-login re

    Enforces centralized identity verification and access control policies across distributed microservice architectures and API gateways.

    Javaaouth2authorizationjava
    عرض على GitHub↗18,626
  • macrozheng/mall-swarmالصورة الرمزية لـ macrozheng

    macrozheng/mall-swarm

    13,001عرض على GitHub↗

    Mall-swarm is a microservices-based e-commerce system built with Spring Cloud Alibaba and Spring Boot. It functions as a scalable online retail platform designed to manage complex business logic through a distributed architecture of independent services. The system utilizes Kubernetes and Docker for service orchestration, incorporating a unified API gateway for traffic routing and service discovery. Security is handled via a unified identity and access management framework for verifying user tokens across all connected microservices. The platform includes a dedicated search engine for high-p

    Secures distributed services using the Sa-Token framework for unified identity and access management.

    Javadockerelasticsearchjava
    عرض على GitHub↗13,001
  • open-policy-agent/opaالصورة الرمزية لـ open-policy-agent

    open-policy-agent/opa

    11,860عرض على GitHub↗

    This project is a unified, cloud-native policy engine designed to decouple authorization and security logic from application codebases. It functions as a centralized authorization service that evaluates structured input data against declarative rules, enabling consistent policy enforcement across microservices, infrastructure, and continuous integration pipelines. The engine utilizes a specialized logic programming language to express complex constraints, which are compiled into an optimized intermediate representation for high-performance evaluation. By supporting both sidecar-based deployme

    Intercepts and validates network requests at the service level to enforce fine-grained access control.

    Goauthorizationcloud-nativecompliance
    عرض على GitHub↗11,860
  • zhoutaoo/springcloudالصورة الرمزية لـ zhoutaoo

    zhoutaoo/SpringCloud

    8,932عرض على GitHub↗

    SpringCloud is a development platform for building distributed systems and cloud-native microservices. It provides an integrated framework for microservice development, incorporating service governance, security, and system coordination. The platform features a microservice gateway for managing traffic through dynamic routing and rate limiting, alongside a service registry for discovery. It implements distributed security through token-based authentication, role-based access control, and a specialized system that uses aspect-oriented programming to automatically enforce data-level permissions

    Implements centralized authentication and authorization for distributed architectures using Spring Security and secure tokens.

    feign-clientjetcachenacos
    عرض على GitHub↗8,932
  • apache/shenyuA

    apache/shenyu

    8,794عرض على GitHub↗

    Shenyu is a microservices API gateway designed to route external traffic to backend services using dynamic rules and protocol conversion. It functions as a central entry point that manages traffic flow through a combination of an API traffic governor, a distributed configuration manager, and a security layer for protecting endpoints. The project features a dynamic plugin architecture that allows for the injection of custom request processing logic without restarting the server. It utilizes a distributed coordination service to synchronize routing and policy updates across a gateway cluster in

    Integrates microservices security by verifying digital signatures and tokens to authorize backend access.

    Java
    عرض على GitHub↗8,794
  • cncf/curriculumالصورة الرمزية لـ cncf

    cncf/curriculum

    6,578عرض على GitHub↗

    The CNCF Curriculum is an open-source repository that organizes exam domains and learning paths for CNCF certification courses covering Kubernetes and cloud-native technologies. It structures certification content into weighted domains that reflect exam question distribution, providing a structured study guide for candidates preparing for CNCF certifications. The curriculum is organized around multiple cloud-native domains including networking, security, GitOps, platform engineering, and certification preparation. It teaches cloud-native concepts through the lens of building and operating int

    Teaches pod security contexts and network policies to limit the blast radius of compromised workloads.

    cncf
    عرض على GitHub↗6,578
  • microsoft/security-101الصورة الرمزية لـ microsoft

    microsoft/Security-101

    6,203عرض على GitHub↗

    Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do

    Covers authentication, authorization, and data protection measures for APIs and microservice architectures.

    HTMLappseccia-triaddata-protection
    عرض على GitHub↗6,203
  • zlt2000/microservices-platformالصورة الرمزية لـ zlt2000

    zlt2000/microservices-platform

    4,735عرض على GitHub↗

    هذا المشروع عبارة عن معمارية مؤسسية شاملة لبناء أنظمة موزعة متعددة المستأجرين، تم تنفيذها كمنصة خدمات مصغرة Spring Cloud. يوفر إطار عمل كاملاً لإدارة الخدمات المصغرة، مع التركيز على معمارية بيانات متعددة المستأجرين وتوفير الهوية المركزية. تتميز المنصة بنهجها المتكامل للهوية والأمان، حيث تستخدم مزود هوية OAuth2 لإدارة تسجيل الدخول الموحد، والتحكم في الوصول القائم على الأدوار، وإصدار رموز JWT عبر الخدمات الموزعة. كما تفصل الحدود التنظيمية من خلال عزل بيانات متعدد المستأجرين، مما يضمن تقسيم الموارد والبيانات منطقياً أو فيزيائياً بين المستأجرين المختلفين. يغطي النظام سطحاً واسعاً من القدرات الموزعة، بما في ذلك حوكمة الخدمة من خلال توجيه بوابة API وكسر الدائرة، وتنسيق البيانات عبر المعاملات الموزعة وآليات القفل. كما يتضمن مكدس مراقبة موزع لتتبع الطلبات والسجلات المركزية، إلى جانب مزامنة محرك البحث في الوقت الفعلي والمراسلة غير المتزامنة القائمة على الأحداث. يتم دعم سير عمل التطوير من خلال أدوات أتمتة لإنشاء كود التطبيق وتغليف الملفات الثنائية الخاصة بالمنصة.

    Provides a centralized security authority to manage authentication and authorization across all microservices.

    Javaelkgpejava
    عرض على GitHub↗4,735
  • nytimes/gizmoالصورة الرمزية لـ nytimes

    nytimes/gizmo

    3,773عرض على GitHub↗

    Gizmo is a microservice development toolkit and HTTP server framework designed for building distributed services. It provides a collection of libraries for managing service lifecycles, including standardized configuration, logging, and health checks. The toolkit includes a PubSub messaging interface that abstracts the publishing and consuming of messages across different brokers and HTTP endpoints, featuring built-in mocking for integration testing. It also provides a security layer for validating inbound authentication tokens using public key signatures and custom decoders. The project cove

    Implements security for distributed architectures by validating identity tokens using public key signatures.

    Gogizmogogoogle-pubsub
    عرض على GitHub↗3,773
  1. Home
  2. Security & Cryptography
  3. Microservices Security

استكشف الوسوم الفرعية

  • Blast Radius ReductionTechniques to limit the impact of compromised workloads through pod security contexts and network policies. **Distinct from Microservices Security:** Distinct from Microservices Security: focuses on containment strategies within Kubernetes, not general service-to-service security.