14 results found Sort:
- Filter by Primary Language:
- Go (7)
- Python (2)
- Java (1)
- Rust (1)
- +
An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。
Created
2022-03-16
1,449 commits to v3 branch, last one 2 days ago
GUAC aggregates software security metadata into a high fidelity graph database.
Created
2022-06-10
1,769 commits to main branch, last one a day ago
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...
Created
2021-12-30
990 commits to master branch, last one 2 months ago
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
Created
2022-05-12
69 commits to main branch, last one 5 months ago
Software Supply Chain Security Platform
Created
2023-04-05
4,618 commits to main branch, last one 2 days ago
A compilation of resources in the software supply chain security domain, with emphasis on open source
sbom
devsecops
attestation
awesome-list
cve-scanning
dependencies
oss-compliance
static-analysis
package-management
reproducible-builds
supply-chain-attacks
dependency-management
software-supply-chain
supply-chain-security
security-vulnerability
vulnerability-scanning
vulnerability-management
software-composition-analysis
software-supply-chain-security
Created
2022-02-20
447 commits to main branch, last one about a year ago
A suite of utilities to help with software supply chain challenges on nix targets
Created
2022-12-08
271 commits to main branch, last one 10 days ago
Software Component Verification Standard (SCVS)
Created
2019-08-28
149 commits to master branch, last one 8 months ago
A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
Created
2018-10-15
995 commits to master branch, last one 8 days ago
Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
Created
2020-07-23
8 commits to master branch, last one 3 years ago
Command line interface for the Phylum API
Created
2021-03-19
1,094 commits to main branch, last one a day ago
in-toto is a framework to secure the software supply chain.
Created
2022-11-10
47 commits to main branch, last one 18 days ago
Github Action implementation of SLSA Provenance Generation
Created
2021-09-13
535 commits to main branch, last one 12 days ago
Sharing software supply chain security open source projects
Created
2022-02-18
18 commits to main branch, last one 2 years ago