awesome-repositories.com
博客
awesome-repositories.com

通过 AI 驱动的搜索,发现最优秀的开源仓库。

探索精选搜索开源替代品自托管软件博客网站地图
项目关于排名机制媒体报道MCP 服务器
法律隐私政策服务条款
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

11 个仓库

Awesome GitHub RepositoriesMicroservices Security

Defense-in-depth for distributed architectures.

Distinguishing note: Focuses on service-to-service security in distributed systems.

Explore 11 awesome GitHub repositories matching security & cryptography · Microservices Security. Refine with filters or upvote what's useful.

Awesome Microservices Security GitHub Repositories

用 AI 发现最棒的仓库。我们将通过 AI 为您搜索最匹配的仓库。
  • owasp/cheatsheetseriesOWASP 的头像

    OWASP/CheatSheetSeries

    32,298在 GitHub 上查看↗

    The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral

    Applies defense-in-depth principles to ensure individual services remain protected.

    Pythonapplication-securityappsecbest-practices
    在 GitHub 上查看↗32,298
  • grpc/grpc-gogrpc 的头像

    grpc/grpc-go

    22,962在 GitHub 上查看↗

    grpc-go is a Go language implementation of the gRPC framework, providing a remote procedure call library for high-performance service communication. It uses the HTTP/2 protocol to execute functions on remote servers as if they were local methods and utilizes protobuf service bindings to generate type-safe client and server code. The project features a bidirectional streaming transport that supports asynchronous, full-duplex message streams between clients and servers. This networking layer allows for various communication patterns, including client-to-server and server-to-client streaming, to

    Secures service-to-service communication in distributed architectures using transport layer security.

    Godogs-over-catsgiant-robotsgo
    在 GitHub 上查看↗22,962
  • dromara/sa-tokendromara 的头像

    dromara/Sa-Token

    18,626在 GitHub 上查看↗

    Sa-Token is a Java-based authentication and authorization framework designed to manage user sessions, permissions, and identity verification within web applications and microservice architectures. It provides a centralized security layer that enforces access control policies and identity validation across distributed service environments and API gateways. The framework distinguishes itself through its support for cross-domain single sign-on and its ability to function as an OAuth2 identity provider. It manages user session lifecycles by applying configurable rules for single or multi-login re

    Enforces centralized identity verification and access control policies across distributed microservice architectures and API gateways.

    Javaaouth2authorizationjava
    在 GitHub 上查看↗18,626
  • macrozheng/mall-swarmmacrozheng 的头像

    macrozheng/mall-swarm

    13,001在 GitHub 上查看↗

    Mall-swarm is a microservices-based e-commerce system built with Spring Cloud Alibaba and Spring Boot. It functions as a scalable online retail platform designed to manage complex business logic through a distributed architecture of independent services. The system utilizes Kubernetes and Docker for service orchestration, incorporating a unified API gateway for traffic routing and service discovery. Security is handled via a unified identity and access management framework for verifying user tokens across all connected microservices. The platform includes a dedicated search engine for high-p

    Secures distributed services using the Sa-Token framework for unified identity and access management.

    Javadockerelasticsearchjava
    在 GitHub 上查看↗13,001
  • open-policy-agent/opaopen-policy-agent 的头像

    open-policy-agent/opa

    11,860在 GitHub 上查看↗

    This project is a unified, cloud-native policy engine designed to decouple authorization and security logic from application codebases. It functions as a centralized authorization service that evaluates structured input data against declarative rules, enabling consistent policy enforcement across microservices, infrastructure, and continuous integration pipelines. The engine utilizes a specialized logic programming language to express complex constraints, which are compiled into an optimized intermediate representation for high-performance evaluation. By supporting both sidecar-based deployme

    Intercepts and validates network requests at the service level to enforce fine-grained access control.

    Goauthorizationcloud-nativecompliance
    在 GitHub 上查看↗11,860
  • zhoutaoo/springcloudzhoutaoo 的头像

    zhoutaoo/SpringCloud

    8,932在 GitHub 上查看↗

    SpringCloud is a development platform for building distributed systems and cloud-native microservices. It provides an integrated framework for microservice development, incorporating service governance, security, and system coordination. The platform features a microservice gateway for managing traffic through dynamic routing and rate limiting, alongside a service registry for discovery. It implements distributed security through token-based authentication, role-based access control, and a specialized system that uses aspect-oriented programming to automatically enforce data-level permissions

    Implements centralized authentication and authorization for distributed architectures using Spring Security and secure tokens.

    feign-clientjetcachenacos
    在 GitHub 上查看↗8,932
  • apache/shenyuA

    apache/shenyu

    8,794在 GitHub 上查看↗

    Shenyu is a microservices API gateway designed to route external traffic to backend services using dynamic rules and protocol conversion. It functions as a central entry point that manages traffic flow through a combination of an API traffic governor, a distributed configuration manager, and a security layer for protecting endpoints. The project features a dynamic plugin architecture that allows for the injection of custom request processing logic without restarting the server. It utilizes a distributed coordination service to synchronize routing and policy updates across a gateway cluster in

    Integrates microservices security by verifying digital signatures and tokens to authorize backend access.

    Java
    在 GitHub 上查看↗8,794
  • cncf/curriculumcncf 的头像

    cncf/curriculum

    6,578在 GitHub 上查看↗

    The CNCF Curriculum is an open-source repository that organizes exam domains and learning paths for CNCF certification courses covering Kubernetes and cloud-native technologies. It structures certification content into weighted domains that reflect exam question distribution, providing a structured study guide for candidates preparing for CNCF certifications. The curriculum is organized around multiple cloud-native domains including networking, security, GitOps, platform engineering, and certification preparation. It teaches cloud-native concepts through the lens of building and operating int

    Teaches pod security contexts and network policies to limit the blast radius of compromised workloads.

    cncf
    在 GitHub 上查看↗6,578
  • microsoft/security-101microsoft 的头像

    microsoft/Security-101

    6,203在 GitHub 上查看↗

    Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do

    Covers authentication, authorization, and data protection measures for APIs and microservice architectures.

    HTMLappseccia-triaddata-protection
    在 GitHub 上查看↗6,203
  • zlt2000/microservices-platformzlt2000 的头像

    zlt2000/microservices-platform

    4,735在 GitHub 上查看↗

    该项目是一个基于 Spring Cloud 微服务平台的企业级多租户分布式系统架构。它提供了一套完整的微服务管理框架,重点在于多租户数据架构和集中式身份认证服务。 该平台通过集成 OAuth2 身份提供商来管理单点登录(SSO)、基于角色的访问控制(RBAC)以及分布式服务间的 JWT 令牌颁发,从而在身份与安全方面表现出色。此外,它通过多租户数据隔离实现了组织边界的划分,确保不同租户间的资源和数据在逻辑或物理上相互独立。 系统涵盖了广泛的分布式能力,包括通过 API 网关路由和熔断机制实现的服务治理,以及通过分布式事务和锁机制实现的数据协调。它还包含用于请求追踪和集中式日志记录的分布式可观测性栈,以及实时搜索引擎同步和异步事件驱动的消息传递机制。 开发工作流通过应用程序代码生成和平台特定的二进制打包自动化工具提供支持。

    Provides a centralized security authority to manage authentication and authorization across all microservices.

    Javaelkgpejava
    在 GitHub 上查看↗4,735
  • nytimes/gizmonytimes 的头像

    nytimes/gizmo

    3,773在 GitHub 上查看↗

    Gizmo is a microservice development toolkit and HTTP server framework designed for building distributed services. It provides a collection of libraries for managing service lifecycles, including standardized configuration, logging, and health checks. The toolkit includes a PubSub messaging interface that abstracts the publishing and consuming of messages across different brokers and HTTP endpoints, featuring built-in mocking for integration testing. It also provides a security layer for validating inbound authentication tokens using public key signatures and custom decoders. The project cove

    Implements security for distributed architectures by validating identity tokens using public key signatures.

    Gogizmogogoogle-pubsub
    在 GitHub 上查看↗3,773
  1. Home
  2. Security & Cryptography
  3. Microservices Security

探索子标签

  • Blast Radius ReductionTechniques to limit the impact of compromised workloads through pod security contexts and network policies. **Distinct from Microservices Security:** Distinct from Microservices Security: focuses on containment strategies within Kubernetes, not general service-to-service security.