awesome-repositories.com
Blog
awesome-repositories.com

Découvrez les meilleurs dépôts open-source grâce à notre recherche par IA.

ExplorerRecherches sélectionnéesAlternatives open sourceLogiciels auto-hébergésBlogPlan du site
ProjetÀ proposNotre méthodologiePresseServeur MCP
Mentions légalesConfidentialitéConditions d'utilisation
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

11 dépôts

Awesome GitHub RepositoriesMicroservices Security

Defense-in-depth for distributed architectures.

Distinguishing note: Focuses on service-to-service security in distributed systems.

Explore 11 awesome GitHub repositories matching security & cryptography · Microservices Security. Refine with filters or upvote what's useful.

Awesome Microservices Security GitHub Repositories

Trouvez les meilleurs dépôts grâce à l'IA.Nous recherchons les dépôts les plus pertinents grâce à l'IA.
  • owasp/cheatsheetseriesAvatar de OWASP

    OWASP/CheatSheetSeries

    32,298Voir sur GitHub↗

    The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral

    Applies defense-in-depth principles to ensure individual services remain protected.

    Pythonapplication-securityappsecbest-practices
    Voir sur GitHub↗32,298
  • grpc/grpc-goAvatar de grpc

    grpc/grpc-go

    22,962Voir sur GitHub↗

    grpc-go is a Go language implementation of the gRPC framework, providing a remote procedure call library for high-performance service communication. It uses the HTTP/2 protocol to execute functions on remote servers as if they were local methods and utilizes protobuf service bindings to generate type-safe client and server code. The project features a bidirectional streaming transport that supports asynchronous, full-duplex message streams between clients and servers. This networking layer allows for various communication patterns, including client-to-server and server-to-client streaming, to

    Secures service-to-service communication in distributed architectures using transport layer security.

    Godogs-over-catsgiant-robotsgo
    Voir sur GitHub↗22,962
  • dromara/sa-tokenAvatar de dromara

    dromara/Sa-Token

    18,626Voir sur GitHub↗

    Sa-Token is a Java-based authentication and authorization framework designed to manage user sessions, permissions, and identity verification within web applications and microservice architectures. It provides a centralized security layer that enforces access control policies and identity validation across distributed service environments and API gateways. The framework distinguishes itself through its support for cross-domain single sign-on and its ability to function as an OAuth2 identity provider. It manages user session lifecycles by applying configurable rules for single or multi-login re

    Enforces centralized identity verification and access control policies across distributed microservice architectures and API gateways.

    Javaaouth2authorizationjava
    Voir sur GitHub↗18,626
  • macrozheng/mall-swarmAvatar de macrozheng

    macrozheng/mall-swarm

    13,001Voir sur GitHub↗

    Mall-swarm is a microservices-based e-commerce system built with Spring Cloud Alibaba and Spring Boot. It functions as a scalable online retail platform designed to manage complex business logic through a distributed architecture of independent services. The system utilizes Kubernetes and Docker for service orchestration, incorporating a unified API gateway for traffic routing and service discovery. Security is handled via a unified identity and access management framework for verifying user tokens across all connected microservices. The platform includes a dedicated search engine for high-p

    Secures distributed services using the Sa-Token framework for unified identity and access management.

    Javadockerelasticsearchjava
    Voir sur GitHub↗13,001
  • open-policy-agent/opaAvatar de open-policy-agent

    open-policy-agent/opa

    11,860Voir sur GitHub↗

    This project is a unified, cloud-native policy engine designed to decouple authorization and security logic from application codebases. It functions as a centralized authorization service that evaluates structured input data against declarative rules, enabling consistent policy enforcement across microservices, infrastructure, and continuous integration pipelines. The engine utilizes a specialized logic programming language to express complex constraints, which are compiled into an optimized intermediate representation for high-performance evaluation. By supporting both sidecar-based deployme

    Intercepts and validates network requests at the service level to enforce fine-grained access control.

    Goauthorizationcloud-nativecompliance
    Voir sur GitHub↗11,860
  • zhoutaoo/springcloudAvatar de zhoutaoo

    zhoutaoo/SpringCloud

    8,932Voir sur GitHub↗

    SpringCloud is a development platform for building distributed systems and cloud-native microservices. It provides an integrated framework for microservice development, incorporating service governance, security, and system coordination. The platform features a microservice gateway for managing traffic through dynamic routing and rate limiting, alongside a service registry for discovery. It implements distributed security through token-based authentication, role-based access control, and a specialized system that uses aspect-oriented programming to automatically enforce data-level permissions

    Implements centralized authentication and authorization for distributed architectures using Spring Security and secure tokens.

    feign-clientjetcachenacos
    Voir sur GitHub↗8,932
  • apache/shenyuA

    apache/shenyu

    8,794Voir sur GitHub↗

    Shenyu is a microservices API gateway designed to route external traffic to backend services using dynamic rules and protocol conversion. It functions as a central entry point that manages traffic flow through a combination of an API traffic governor, a distributed configuration manager, and a security layer for protecting endpoints. The project features a dynamic plugin architecture that allows for the injection of custom request processing logic without restarting the server. It utilizes a distributed coordination service to synchronize routing and policy updates across a gateway cluster in

    Integrates microservices security by verifying digital signatures and tokens to authorize backend access.

    Java
    Voir sur GitHub↗8,794
  • cncf/curriculumAvatar de cncf

    cncf/curriculum

    6,578Voir sur GitHub↗

    The CNCF Curriculum is an open-source repository that organizes exam domains and learning paths for CNCF certification courses covering Kubernetes and cloud-native technologies. It structures certification content into weighted domains that reflect exam question distribution, providing a structured study guide for candidates preparing for CNCF certifications. The curriculum is organized around multiple cloud-native domains including networking, security, GitOps, platform engineering, and certification preparation. It teaches cloud-native concepts through the lens of building and operating int

    Teaches pod security contexts and network policies to limit the blast radius of compromised workloads.

    cncf
    Voir sur GitHub↗6,578
  • microsoft/security-101Avatar de microsoft

    microsoft/Security-101

    6,203Voir sur GitHub↗

    Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do

    Covers authentication, authorization, and data protection measures for APIs and microservice architectures.

    HTMLappseccia-triaddata-protection
    Voir sur GitHub↗6,203
  • zlt2000/microservices-platformAvatar de zlt2000

    zlt2000/microservices-platform

    4,735Voir sur GitHub↗

    Ce projet est une architecture d'entreprise complète pour construire des systèmes distribués multi-locataires, implémentée en tant que plateforme de microservices Spring Cloud. Il fournit un framework complet pour gérer les microservices, en se concentrant sur l'architecture de données multi-locataires et la fourniture d'identité centralisée. La plateforme se distingue par son approche intégrée de l'identité et de la sécurité, utilisant un fournisseur d'identité OAuth2 pour gérer l'authentification unique (SSO), le contrôle d'accès basé sur les rôles et l'émission de jetons JWT à travers les services distribués. Elle sépare en outre les frontières organisationnelles via l'isolation des données multi-locataires, garantissant que les ressources et les données sont logiquement ou physiquement partitionnées entre différents locataires. Le système couvre une large surface de capacités distribuées, notamment la gouvernance des services via le routage par passerelle API et le circuit breaking, et la coordination des données via des transactions distribuées et des mécanismes de verrouillage. Il inclut également une pile d'observabilité distribuée pour le traçage des requêtes et la journalisation centralisée, ainsi qu'une synchronisation de moteur de recherche en temps réel et une messagerie asynchrone pilotée par événements. Le flux de travail de développement est pris en charge par des outils d'automatisation pour la génération de code d'application et l'empaquetage de binaires spécifiques à la plateforme.

    Provides a centralized security authority to manage authentication and authorization across all microservices.

    Javaelkgpejava
    Voir sur GitHub↗4,735
  • nytimes/gizmoAvatar de nytimes

    nytimes/gizmo

    3,773Voir sur GitHub↗

    Gizmo is a microservice development toolkit and HTTP server framework designed for building distributed services. It provides a collection of libraries for managing service lifecycles, including standardized configuration, logging, and health checks. The toolkit includes a PubSub messaging interface that abstracts the publishing and consuming of messages across different brokers and HTTP endpoints, featuring built-in mocking for integration testing. It also provides a security layer for validating inbound authentication tokens using public key signatures and custom decoders. The project cove

    Implements security for distributed architectures by validating identity tokens using public key signatures.

    Gogizmogogoogle-pubsub
    Voir sur GitHub↗3,773
  1. Home
  2. Security & Cryptography
  3. Microservices Security

Explorer les sous-tags

  • Blast Radius ReductionTechniques to limit the impact of compromised workloads through pod security contexts and network policies. **Distinct from Microservices Security:** Distinct from Microservices Security: focuses on containment strategies within Kubernetes, not general service-to-service security.