Search Results - RepositoryStats

176

1.3k

apache-2.0

44

GUAC aggregates software security metadata into a high fidelity graph database.

security supply-chain software-supply-chain supply-chain-security supply-chain-analytics supply-chain-visibility software-supply-chain-security

Created 2022-06-10

1,663 commits to main branch, last one 20 hours ago

OpenSCA-cli XmirrorSecurity

115

1.1k

apache-2.0

154

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...

sca sbom spdx swid security cyclonedx devsecops static-analysis vulnerabilities license-compliance software-supply-chain software-bill-of-materials software-composition-analysis software-supply-chain-security

Created 2021-12-30

990 commits to master branch, last one 26 days ago

chain-bench aquasecurity

59

726

apache-2.0

12

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

go cis golang vulnera security devsecops security-tools misconfiguration open-policy-agent software-supply-chain software-supply-chain-security

Created 2022-05-12

69 commits to main branch, last one 3 months ago

openpubkey openpubkey

38

651

apache-2.0

13

Reference implementation of OpenPubkey

oauth2 identity cryptography openid-connect software-supply-chain-security

Created 2023-09-14

117 commits to main branch, last one 2 months ago

guarddog DataDog

44

611

apache-2.0

18

:snake: :mag: GuardDog is a CLI tool to Identify malicious PyPI and npm packages

npm python npm-packages pypi-packages python-security malicious-packages software-supply-chain-security

Created 2022-06-14

920 commits to main branch, last one 9 days ago

awesome-software-supply-chain-security bureado

26

286

unknown

25

A compilation of resources in the software supply chain security domain, with emphasis on open source

sbom devsecops attestation awesome-list cve-scanning dependencies oss-compliance static-analysis package-management reproducible-builds supply-chain-attacks dependency-management software-supply-chain supply-chain-security security-vulnerability vulnerability-scanning vulnerability-management software-composition-analysis software-supply-chain-security

Created 2022-02-20

447 commits to main branch, last one about a year ago

minder mindersec

39

279

apache-2.0

24

Software Supply Chain Security Platform

security supply-chain software-supply-chain software-supply-chain-security

Created 2023-04-05

4,361 commits to main branch, last one 13 hours ago

attestation in-toto

66

238

other

23

in-toto Attestation Framework

attestation software-supply-chain-security

Created 2021-04-01

677 commits to main branch, last one a day ago

birdcage phylum-dev

4

178

gpl-3.0

8

Cross-platform embeddable sandboxing

malware sandbox security security-tools secure-software-supply-chain software-supply-chain-security

Created 2022-08-25

71 commits to main branch, last one 4 months ago

malicious-software-packages-dataset DataDog

20

139

apache-2.0

8

An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.

dataset guarddog malicious-packages software-supply-chain-security

Created 2023-03-20

213 commits to main branch, last one 23 hours ago

sbomnix tiiuae

23

132

unknown

8

A suite of utilities to help with software supply chain challenges on nix targets

cpe nix purl sbom python security cyclonedx sbom-tool spdx-sbom dependencies sbom-generator static-analysis bill-of-materials software-supply-chain vulnerability-scanners software-bill-of-materials software-supply-chain-security

Created 2022-12-08

266 commits to main branch, last one 9 days ago

Software-Supply-Chain-Security vishalgarg-sec

17

125

unknown

6

A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the ...

vex cncf sbom slsa owasp openssf attestations software-security open-source-security supply-chain-attacks dependency-management software-transparency supply-chain-security vulnerability-management software-bill-of-material software-supply-chain-security

Created 2023-07-28

88 commits to main branch, last one 9 months ago

cli phylum-dev

11

103

gpl-3.0

8

Command line interface for the Phylum API

cli rust malware security supply-chain security-scan vulnerabilities malware-detection software-supply-chain secure-software-supply-chain software-supply-chain-security

Created 2021-03-19

1,072 commits to main branch, last one 2 days ago

compage intelops

21

82

apache-2.0

2

Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Oper...

Created 2022-06-14

976 commits to main branch, last one 3 months ago

argocd-interlace argoproj-labs

10

80

apache-2.0

8

Enabling Software Supply Chain Security Capabilities in ArgoCD

argocd in-toto sigstore software-supply-chain-security

Created 2021-08-04

23 commits to main branch, last one 2 years ago

community in-toto

10

69

unknown

8

in-toto is a framework to secure the software supply chain.

cncf in-toto software-supply-chain software-supply-chain-security

Created 2022-11-10

43 commits to main branch, last one 5 days ago

awesome-software-supply-chain-security meta-fun

3

39

apache-2.0

5

Sharing software supply chain security open source projects

cicd sast sbom devops security kubernetes supply-chain security-tools dependency-analysis software-supply-chain supply-chain-security vulnerability-scanner software-composition-analysis software-supply-chain-security

Created 2022-02-18

18 commits to main branch, last one about a year ago