Awesome Open Source
Search results for sbom supply chain security
Tags: sbom, supply-chain-security
15 search results found
Tern (⭐ 909)
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
Dep Scan (⭐ 673)
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as input, and the tool is designed to be integrated into existing workflows.
Chainloop (⭐ 225)
Chainloop is an open source software supply chain control plane, a single source of truth for artifacts plus a declarative attestation crafting process.
Sbom Operator (⭐ 173)
Catalogues all images in a Kubernetes cluster with Syft and ships the resulting SBOMs to multiple targets.
Awesome Software Supply Chain Security (⭐ 165)
A compilation of resources in the software supply chain security domain, with emphasis on open source
Sbomqs (⭐ 109)
SBOM quality score: quality metrics for your SBOMs.
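The kind of check a quality scorer runs, as an added example that is not sbomqs's code: it parses a CycloneDX JSON document and reports, per component, whether version, purl, license and checksum are present, plus document-level fields (serial number, timestamp, generating tool, primary component). The sample SBOM, the set of checks, their equal weighting and the 0-10 scale are all assumptions made here for illustration; sbomqs has its own scoring model.

```python
"""Score a CycloneDX JSON SBOM on a few completeness metrics.

Added example, not sbomqs's code: the checks, their equal weights and the
0-10 scale are an assumed scoring model chosen for illustration.
"""
import json
import re
from datetime import datetime

# Constructed sample SBOM: one complete component and three with gaps.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",
    "version": 1,
    "metadata": {
        "timestamp": "2024-05-01T12:00:00Z",
        "tools": [{"name": "example-generator", "version": "0.1"}],
        "component": {"type": "application", "name": "shop-api", "version": "2.3.1"},
    },
    "components": [
        {"type": "library", "name": "requests", "version": "2.31.0",
         "purl": "pkg:pypi/requests@2.31.0",
         "licenses": [{"license": {"id": "Apache-2.0"}}],
         "hashes": [{"alg": "SHA-256", "content": "ab" * 32}]},
        {"type": "library", "name": "urllib3", "version": "2.2.1",
         "purl": "pkg:pypi/urllib3@2.2.1",
         "licenses": [{"license": {"id": "MIT"}}]},
        {"type": "library", "name": "left-pad",                 # no version, no purl
         "licenses": [{"license": {"id": "WTFPL"}}]},
        {"type": "library", "name": "certifi", "version": "2024.2.2",
         "purl": "pkg:pypi/certifi@2024.2.2"},                   # no license
    ],
})

# purl shape we insist on: pkg:type/name@version (a namespace may sit inside the name part)
PURL_RE = re.compile(r"^pkg:[a-z0-9.+-]+/[^@\s]+@\S+$")
COMPONENT_CHECKS = {
    "version":  lambda c: bool(c.get("version")),
    "purl":     lambda c: bool(PURL_RE.match(c.get("purl", ""))),
    "license":  lambda c: bool(c.get("licenses")),
    "checksum": lambda c: bool(c.get("hashes")),
}


def _valid_timestamp(ts):
    """True if ts parses as an RFC 3339 timestamp (CycloneDX metadata.timestamp)."""
    if not isinstance(ts, str):
        return False
    try:
        datetime.fromisoformat(ts.replace("Z", "+00:00"))
        return True
    except ValueError:
        return False


def document_metrics(doc):
    """Document-level checks, each True/False."""
    md = doc.get("metadata", {})
    return {
        "serial_number": str(doc.get("serialNumber", "")).startswith("urn:uuid:"),
        "timestamp": _valid_timestamp(md.get("timestamp")),
        "generator_tool": bool(md.get("tools")),
        "primary_component": bool(md.get("component", {}).get("name")),
    }


def component_metrics(components):
    """Fraction of components (0.0-1.0) passing each per-component check."""
    n = len(components) or 1
    return {name: sum(1 for c in components if check(c)) / n
            for name, check in COMPONENT_CHECKS.items()}


def component_gaps(components):
    """Component name -> list of failed checks; components with no gaps are omitted."""
    gaps = {}
    for c in components:
        missing = [name for name, check in COMPONENT_CHECKS.items() if not check(c)]
        if missing:
            gaps[c.get("name", "<unnamed>")] = missing
    return gaps


def quality_score(sbom_json):
    """Parse a CycloneDX JSON string and return the score plus the metrics behind it."""
    doc = json.loads(sbom_json)
    if doc.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    comps = doc.get("components", [])
    doc_m, comp_m = document_metrics(doc), component_metrics(comps)
    checks = [float(v) for v in (*doc_m.values(), *comp_m.values())]
    return {
        "score": sum(checks) / len(checks) * 10,   # equal weights, 0-10 scale (assumed model)
        "document": doc_m,
        "components": comp_m,
        "gaps": component_gaps(comps),
    }


if __name__ == "__main__":
    print(json.dumps(quality_score(SAMPLE_SBOM), indent=2))
```

The per-component gap list is the part worth acting on: a component without a valid purl cannot be matched against a vulnerability database, and one without a checksum cannot be tied back to the artifact that was actually shipped.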
Software Supply Chain Security (⭐ 102)
A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the web.
Macaron (⭐ 97)
Macaron is an extensible supply chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD services. It can be used to prevent supply chain attacks or check conformance to frameworks, such as SLSA.
S3cme (⭐ 45)
Template Go app repo with a local test/lint/build/vulnerability-check workflow and, on tag, image test/build/release pipelines, with a ko-generated SBOM, cosign attestation, and SLSA build provenance.
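What "checking conformance to SLSA" (Macaron, above) and consuming the build provenance a pipeline like s3cme's emits amount to in practice, as an added example that is code from neither project: a SLSA v1 provenance statement is compared against an expectation policy. The statement, the artifact bytes, the builder and buildType URIs and the policy values are all constructed here; only the content of the provenance is checked, on the assumption that the DSSE envelope signature was already verified (for instance with cosign verify-attestation).

```python
"""Check a SLSA v1 provenance statement against an expectation policy.

Added example, not Macaron's or s3cme's code. The in-toto statement, the
artifact bytes, the builder/buildType URIs and the policy are constructed.
Only the provenance content is checked here; the DSSE envelope signature
must be verified beforehand (e.g. cosign verify-attestation).
"""
import copy
import hashlib

IN_TOTO_V1 = "https://in-toto.io/Statement/v1"
SLSA_V1 = "https://slsa.dev/provenance/v1"

ARTIFACT = b"constructed release artifact\n"           # stands in for the built tarball
ARTIFACT_DIGEST = hashlib.sha256(ARTIFACT).hexdigest()

STATEMENT = {  # constructed SLSA v1 provenance, already unwrapped from its DSSE envelope
    "_type": IN_TOTO_V1,
    "subject": [{"name": "app.tar.gz", "digest": {"sha256": ARTIFACT_DIGEST}}],
    "predicateType": SLSA_V1,
    "predicate": {
        "buildDefinition": {
            "buildType": "https://example.invalid/build-types/ko@v1",
            "externalParameters": {
                "source": {"uri": "git+https://github.com/example/app@refs/tags/v1.2.0",
                           "digest": {"gitCommit": "0" * 40}},
            },
            "resolvedDependencies": [
                {"uri": "git+https://github.com/example/app@refs/tags/v1.2.0",
                 "digest": {"gitCommit": "0" * 40}},
                {"uri": "pkg:golang/golang.org/x/crypto@v0.21.0",
                 "digest": {"sha256": "11" * 32}},
            ],
        },
        "runDetails": {"builder": {"id": "https://example.invalid/builders/ci@v1"}},
    },
}

POLICY = {  # hypothetical expectations for this artifact
    "builder_ids": {"https://example.invalid/builders/ci@v1"},
    "build_type": "https://example.invalid/build-types/ko@v1",
    "source_repo": "git+https://github.com/example/app",
}


def check_provenance(statement, artifact_digest, policy):
    """Return the list of policy violations; an empty list means the provenance is acceptable."""
    problems = []
    if statement.get("_type") != IN_TOTO_V1:
        problems.append("not an in-toto v1 statement")
    if statement.get("predicateType") != SLSA_V1:
        problems.append("predicateType is not SLSA provenance v1")
    # The artifact we hold must be one of the subjects, matched by digest, never by name.
    subjects = statement.get("subject", [])
    if not any(s.get("digest", {}).get("sha256") == artifact_digest for s in subjects):
        problems.append("artifact digest not among subjects")
    pred = statement.get("predicate", {})
    build = pred.get("buildDefinition", {})
    builder = pred.get("runDetails", {}).get("builder", {}).get("id")
    if builder not in policy["builder_ids"]:
        problems.append(f"untrusted builder: {builder}")
    if build.get("buildType") != policy["build_type"]:
        problems.append(f"unexpected buildType: {build.get('buildType')}")
    source = build.get("externalParameters", {}).get("source", {})
    uri = source.get("uri", "")
    if uri.split("@", 1)[0] != policy["source_repo"]:
        problems.append(f"unexpected source repo: {uri}")
    if not source.get("digest", {}).get("gitCommit"):
        problems.append("source not pinned to a commit")
    for dep in build.get("resolvedDependencies", []):
        if not dep.get("digest"):
            problems.append(f"unpinned dependency: {dep.get('uri')}")
    return problems


def with_builder(statement, builder_id):
    """Copy of the statement claiming a different builder (used to show a rejection)."""
    tampered = copy.deepcopy(statement)
    tampered["predicate"]["runDetails"]["builder"]["id"] = builder_id
    return tampered


if __name__ == "__main__":
    print("genuine:", check_provenance(STATEMENT, ARTIFACT_DIGEST, POLICY))
    forged = with_builder(STATEMENT, "https://example.invalid/builders/laptop")
    print("tampered:", check_provenance(forged, ARTIFACT_DIGEST, POLICY))
```

The builder allowlist is the check that carries the SLSA guarantee: provenance is only as trustworthy as the builder that signed it, so a statement from an unknown builder id is rejected even if every other field looks right.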
Codetotal (⭐ 27)
Analyze any snippet, file, or repository to detect possible security flaws such as secrets in code, vulnerable open source dependencies, insecure code, insecure infrastructure as code, and potential legal issues with open source licenses.
Awesome Software Supply Chain Security (⭐ 20)
Sharing software supply chain security open source projects
Securechain Java (⭐ 17)
TuxCare SecureChain enhances Java supply chain security through vetted libraries, vulnerability fixes, and extended support. Ideal for enterprise-level compliance and secure development.
Hoppr Cop (⭐ 10)
Hoppr Cop is a CLI and Python library that generates high-quality vulnerability information from a CycloneDX Software Bill of Materials (SBOM) by aggregating data from multiple vulnerability databases. This project is a mirror of the GitLab repository.
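How aggregating vulnerability data from several databases onto one SBOM works, as an added example that is not Hoppr Cop's code: each component's purl is split into package and version, matched against version ranges in two feeds, and hits that name the same advisory under different identifiers are merged into a single CycloneDX-style vulnerability entry carrying the highest score and the list of feeds that reported it. The SBOM, both feeds, the EX-* advisory identifiers, the scores and the dotted-numeric version comparison are all constructed here; real feeds (OSV, NVD, GHSA and others) have their own record shapes and version-range semantics.

```python
"""Aggregate vulnerability findings for a CycloneDX SBOM from several feeds.

Added example, not Hoppr Cop's code. The SBOM, the two feeds, the advisory
identifiers (EX-...), the scores and the purl/version-range matching are all
constructed here for illustration.
"""
import json

SBOM = {  # constructed CycloneDX document, components carry purl and bom-ref
    "bomFormat": "CycloneDX", "specVersion": "1.5",
    "components": [
        {"bom-ref": "pkg:pypi/requests@2.25.0", "name": "requests", "version": "2.25.0",
         "purl": "pkg:pypi/requests@2.25.0"},
        {"bom-ref": "pkg:pypi/urllib3@1.26.4", "name": "urllib3", "version": "1.26.4",
         "purl": "pkg:pypi/urllib3@1.26.4"},
        {"bom-ref": "pkg:pypi/certifi@2024.2.2", "name": "certifi", "version": "2024.2.2",
         "purl": "pkg:pypi/certifi@2024.2.2"},
    ],
}

FEEDS = {  # constructed feeds: affected range is introduced <= version < fixed
    "feed-a": [
        {"id": "EX-A-0001", "aliases": ["EX-C-0001"], "package": "pkg:pypi/requests",
         "introduced": "0", "fixed": "2.31.0", "severity": 6.1},
        {"id": "EX-A-0002", "aliases": [], "package": "pkg:pypi/urllib3",
         "introduced": "1.26.0", "fixed": "1.26.5", "severity": 7.5},
    ],
    "feed-b": [
        # same requests advisory as feed-a under its other id, with a different score
        {"id": "EX-C-0001", "aliases": ["EX-A-0001"], "package": "pkg:pypi/requests",
         "introduced": "0", "fixed": "2.31.0", "severity": 6.5},
        # fixed before the version in the SBOM, so it must not be reported
        {"id": "EX-C-0002", "aliases": [], "package": "pkg:pypi/urllib3",
         "introduced": "0", "fixed": "1.26.0", "severity": 9.8},
    ],
}


def parse_version(v):
    """Dotted numeric versions only (enough for the sample); returns a comparable tuple."""
    return tuple(int(p) for p in v.split("."))


def purl_split(purl):
    """'pkg:pypi/requests@2.25.0' -> ('pkg:pypi/requests', '2.25.0')."""
    name, _, version = purl.partition("@")
    return name, version


def is_affected(version, record):
    v = parse_version(version)
    return parse_version(record["introduced"]) <= v < parse_version(record["fixed"])


def to_cyclonedx(finding):
    """Render a merged finding as a CycloneDX 'vulnerabilities' array entry."""
    return {
        "id": finding["id"],
        "references": [{"id": a} for a in sorted(finding["aliases"] - {finding["id"]})],
        "ratings": [{"score": finding["score"], "method": "CVSSv3"}],
        "affects": [{"ref": r} for r in sorted(finding["affects"])],
        "properties": [{"name": "example:sources",
                        "value": ",".join(sorted(finding["sources"]))}],
    }


def aggregate(sbom, feeds):
    """Match every component against every feed and merge hits that share an identifier."""
    by_key = {}  # canonical id (lexicographically smallest alias) -> merged finding
    for comp in sbom.get("components", []):
        purl = comp.get("purl")
        if not purl:
            continue  # nothing to match on; a quality scorer should have flagged this
        package, version = purl_split(purl)
        ref = comp.get("bom-ref", purl)
        for source, records in feeds.items():
            for rec in records:
                if rec["package"] != package or not is_affected(version, rec):
                    continue
                ids = sorted({rec["id"], *rec["aliases"]})
                finding = by_key.setdefault(ids[0], {
                    "id": ids[0], "aliases": set(), "score": 0.0,
                    "sources": set(), "affects": set()})
                finding["aliases"].update(ids)
                finding["score"] = max(finding["score"], rec["severity"])  # keep the worst rating
                finding["sources"].add(source)
                finding["affects"].add(ref)
    return [to_cyclonedx(f) for f in sorted(by_key.values(), key=lambda f: f["id"])]


if __name__ == "__main__":
    print(json.dumps({"vulnerabilities": aggregate(SBOM, FEEDS)}, indent=2))
```

Merging on shared identifiers is what keeps one advisory from appearing twice when two feeds report it under different ids; keeping the highest score across feeds is a conservative choice, and a real aggregator would also record which feed supplied which rating.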
Guac Ai Mole (⭐ 8)
🥑 Charting the Course for Secure Software Supply Chain
Software Supply Chain Security Java (⭐ 7)
This repo contains the technology stack and its usage for software supply chain security of a Java application
Related Searches
Sbom Software Bill Of Materials (56)
Sbom Cyclonedx (51)
Sbom Spdx (37)
Sbom Vex (28)
Python Sbom (22)
Golang Sbom (19)
Java Sbom (16)
Golang Supply Chain Security (12)
Devsecops Sbom (11)
Supply Chain Sbom (11)
Copyright 2018-2024 Awesome Open Source. All rights reserved.