Search Results - RepositoryStats

176

1.3k

apache-2.0

43

GUAC aggregates software security metadata into a high fidelity graph database.

security supply-chain software-supply-chain supply-chain-security supply-chain-analytics supply-chain-visibility software-supply-chain-security

Created 2022-06-10

1,690 commits to main branch, last one 23 hours ago

OpenSCA-cli XmirrorSecurity

115

1.1k

apache-2.0

154

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...

sca sbom spdx swid security cyclonedx devsecops static-analysis vulnerabilities license-compliance software-supply-chain software-bill-of-materials software-composition-analysis software-supply-chain-security

Created 2021-12-30

990 commits to master branch, last one about a month ago

chain-bench aquasecurity

60

729

apache-2.0

13

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

go cis golang vulnera security devsecops security-tools misconfiguration open-policy-agent software-supply-chain software-supply-chain-security

Created 2022-05-12

69 commits to main branch, last one 4 months ago

openpubkey openpubkey

38

655

apache-2.0

13

Reference implementation of OpenPubkey

oauth2 identity cryptography openid-connect software-supply-chain-security

Created 2023-09-14

117 commits to main branch, last one 2 months ago

guarddog DataDog

44

621

apache-2.0

18

:snake: :mag: GuardDog is a CLI tool to Identify malicious PyPI and npm packages

npm python npm-packages pypi-packages python-security malicious-packages software-supply-chain-security

Created 2022-06-14

932 commits to main branch, last one 6 days ago

minder mindersec

42

292

apache-2.0

24

Software Supply Chain Security Platform

security supply-chain software-supply-chain software-supply-chain-security

Created 2023-04-05

4,458 commits to main branch, last one 21 hours ago

awesome-software-supply-chain-security bureado

27

291

unknown

25

A compilation of resources in the software supply chain security domain, with emphasis on open source

sbom devsecops attestation awesome-list cve-scanning dependencies oss-compliance static-analysis package-management reproducible-builds supply-chain-attacks dependency-management software-supply-chain supply-chain-security security-vulnerability vulnerability-scanning vulnerability-management software-composition-analysis software-supply-chain-security

Created 2022-02-20

447 commits to main branch, last one about a year ago

attestation in-toto

68

249

other

23

in-toto Attestation Framework

attestation software-supply-chain-security

Created 2021-04-01

679 commits to main branch, last one 7 days ago

birdcage phylum-dev

6

179

gpl-3.0

8

Cross-platform embeddable sandboxing

malware sandbox security security-tools secure-software-supply-chain software-supply-chain-security

Created 2022-08-25

71 commits to main branch, last one 4 months ago

malicious-software-packages-dataset DataDog

18

140

apache-2.0

8

An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.

dataset guarddog malicious-packages software-supply-chain-security

Created 2023-03-20

233 commits to main branch, last one a day ago

sbomnix tiiuae

23

135

unknown

8

A suite of utilities to help with software supply chain challenges on nix targets

cpe nix purl sbom python security cyclonedx sbom-tool spdx-sbom dependencies sbom-generator static-analysis bill-of-materials software-supply-chain vulnerability-scanners software-bill-of-materials software-supply-chain-security

Created 2022-12-08

269 commits to main branch, last one 3 days ago

Software-Supply-Chain-Security vishalgarg-sec

17

126

unknown

6

A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the ...

vex cncf sbom slsa owasp openssf attestations software-security open-source-security supply-chain-attacks dependency-management software-transparency supply-chain-security vulnerability-management software-bill-of-material software-supply-chain-security

Created 2023-07-28

88 commits to main branch, last one 9 months ago

cli phylum-dev

11

103

gpl-3.0

8

Command line interface for the Phylum API

cli rust malware security supply-chain security-scan vulnerabilities malware-detection software-supply-chain secure-software-supply-chain software-supply-chain-security

Created 2021-03-19

1,078 commits to main branch, last one 2 days ago

compage intelops

21

83

apache-2.0

2

Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Oper...

Created 2022-06-14

976 commits to main branch, last one 4 months ago

argocd-interlace argoproj-labs

10

80

apache-2.0

8

Enabling Software Supply Chain Security Capabilities in ArgoCD

argocd in-toto sigstore software-supply-chain-security

Created 2021-08-04

23 commits to main branch, last one 2 years ago

community in-toto

10

69

unknown

8

in-toto is a framework to secure the software supply chain.

cncf in-toto software-supply-chain software-supply-chain-security

Created 2022-11-10

43 commits to main branch, last one 19 days ago

awesome-software-supply-chain-security meta-fun

3

39

apache-2.0

5

Sharing software supply chain security open source projects

cicd sast sbom devops security kubernetes supply-chain security-tools dependency-analysis software-supply-chain supply-chain-security vulnerability-scanner software-composition-analysis software-supply-chain-security

Created 2022-02-18

18 commits to main branch, last one about a year ago