17 results found
GUAC aggregates software security metadata into a high fidelity graph database.
Created
2022-06-10
1,663 commits to main branch, last one 20 hours ago
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...
Created
2021-12-30
990 commits to master branch, last one 26 days ago
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
Created
2022-05-12
69 commits to main branch, last one 3 months ago
Reference implementation of OpenPubkey
Created
2023-09-14
117 commits to main branch, last one 2 months ago
GuardDog is a CLI tool to identify malicious PyPI and npm packages
Created
2022-06-14
920 commits to main branch, last one 9 days ago
A compilation of resources in the software supply chain security domain, with emphasis on open source
sbom
devsecops
attestation
awesome-list
cve-scanning
dependencies
oss-compliance
static-analysis
package-management
reproducible-builds
supply-chain-attacks
dependency-management
software-supply-chain
supply-chain-security
security-vulnerability
vulnerability-scanning
vulnerability-management
software-composition-analysis
software-supply-chain-security
Created
2022-02-20
447 commits to main branch, last one about a year ago
Software Supply Chain Security Platform
Created
2023-04-05
4,361 commits to main branch, last one 13 hours ago
in-toto Attestation Framework
Created
2021-04-01
677 commits to main branch, last one a day ago
Cross-platform embeddable sandboxing
Created
2022-08-25
71 commits to main branch, last one 4 months ago
An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
Created
2023-03-20
213 commits to main branch, last one 23 hours ago
A suite of utilities to help with software supply chain challenges on nix targets
Created
2022-12-08
266 commits to main branch, last one 9 days ago
A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the ...
Created
2023-07-28
88 commits to main branch, last one 9 months ago
Command line interface for the Phylum API
Created
2021-03-19
1,072 commits to main branch, last one 2 days ago
Compage - Low-Code Framework to develop REST API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Oper...
Created
2022-06-14
976 commits to main branch, last one 3 months ago
Enabling Software Supply Chain Security Capabilities in ArgoCD
Created
2021-08-04
23 commits to main branch, last one 2 years ago
in-toto is a framework to secure the software supply chain.
Created
2022-11-10
43 commits to main branch, last one 5 days ago
Sharing software supply chain security open source projects
Created
2022-02-18
18 commits to main branch, last one about a year ago