14 results found
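An open source tool focused on software supply chain security. MurphySec focuses on software supply chain security, with professional software composition analysis (SCA), vulnerability detection, and a professional vulnerability database.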
Created
2022-03-16
1,313 commits to v3 branch, last one 2 days ago
GUAC aggregates software security metadata into a high fidelity graph database.
Created
2022-06-10
1,420 commits to main branch, last one 18 hours ago
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...
Created
2021-12-30
939 commits to master branch, last one 2 days ago
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
Created
2022-05-12
68 commits to main branch, last one about a month ago
A compilation of resources in the software supply chain security domain, with emphasis on open source
sbom
devsecops
attestation
awesome-list
cve-scanning
dependencies
oss-compliance
static-analysis
package-management
reproducible-builds
supply-chain-attacks
dependency-management
software-supply-chain
supply-chain-security
security-vulnerability
vulnerability-scanning
vulnerability-management
software-composition-analysis
software-supply-chain-security
Created
2022-02-20
447 commits to main branch, last one about a year ago
Software Supply Chain Security Platform
Created
2023-04-05
3,332 commits to main branch, last one 17 hours ago
Software Component Verification Standard (SCVS)
Created
2019-08-28
149 commits to master branch, last one about a month ago
A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
Created
2018-10-15
938 commits to master branch, last one 2 days ago
Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
Created
2020-07-23
8 commits to master branch, last one 3 years ago
A suite of utilities to help with software supply chain challenges on nix targets
Created
2022-12-08
244 commits to main branch, last one 2 days ago
Command line interface for the Phylum API
Created
2021-03-19
992 commits to main branch, last one 3 days ago
in-toto is a framework to secure the software supply chain.
Created
2022-11-10
28 commits to main branch, last one 17 days ago
GitHub Action implementation of SLSA Provenance Generation
Created
2021-09-13
508 commits to main branch, last one 5 days ago
Sharing software supply chain security open source projects
Created
2022-02-18
18 commits to main branch, last one about a year ago