CIGuard is a self-hosted security auditor designed to assess and visualize the security posture of CI/CD pipelines. It supports GitLab CI, GitHub Actions, and Jenkins, providing audit-grade visualizations and reports intended for use in security audits and organizational reviews. The tool focuses on generating single-file HTML deliverables that can be opened in any browser, shared via email, or attached to audit reports, eliminating the need for a server to view results.
CIGuard produces several types of audit artifacts, including per-pipeline maps, infrastructure inventories, multi-environment topologies, and organization-wide posture dashboards. The per-pipeline visualizer presents an interactive D3 map of a pipeline's job DAG, with severity-colored cards, gate iconography, click-to-detail functionality, YAML excerpts, remediation suggestions, and a diff mode for comparing scans. The infrastructure inventory feature allows for operator-supplied admin-API audits of CI/CD tooling versions—such as Jenkins, GitLab, Nexus, ArgoCD, Artifactory, SonarQube, and Harbor—cross-referenced with end-of-life data to surface EOL and EOS warnings. The multi-environment topology view maps services against environments, promotion transitions, secret scopes, and network reachability, and can verify drift between asserted gates and actual deployment or branch protection states using live API checks. At the organizational level, CIGuard can scan every repository in a GitHub organization, aggregate findings into a posture dashboard, and provide image inventory and pin-discipline analysis, with drill-down capability for individual repositories.
The platform supports 46 deterministic rules and 17 built-in policies across three CI/CD platforms. It offers multiple output formats and includes several command-line verbs for various audit and visualization tasks, such as scanning individual pipelines, repositories, live inventories, cross-pipeline topology, organization-wide audits, and baseline seeding for delta scans. CIGuard is distributed as a Python CLI tool installable from PyPI, making it suitable for integration into developer machines or CI runners. 0 license.
In the Security & compliance platforms space, CIGuard takes a focused approach. It focuses on auditing and visualizing the security posture of CI/CD pipelines across multiple environments. CIGuard is an open-source project aimed at devOps engineers and security auditors. The project is open source (Apache-2.0). CIGuard is available on the command line, and it can be self-hosted.
CIGuard first shipped in 2026. The project is developed in the open on GitHub with 135 commits in the last 90 days. Across PulseGate's embedding index, CIGuard has few near neighbours, marking it as relatively distinct. Among its 7 catalogued features are pipeline visualization, security audit, and HTML reports.
Latest indexed changes and source events
ciguard.dev discovered by the PulseGate indexer
Other apps tracked under the same category.