Search Results - RepositoryStats

154

1.2k

apache-2.0

42

GUAC aggregates software security metadata into a high fidelity graph database.

security supply-chain software-supply-chain supply-chain-security supply-chain-analytics supply-chain-visibility software-supply-chain-security

Created 2022-06-10

1,420 commits to main branch, last one 17 hours ago

OpenSCA-cli XmirrorSecurity

115

1.0k

apache-2.0

155

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...

sca sbom spdx swid security cyclonedx devsecops static-analysis vulnerabilities license-compliance software-supply-chain software-bill-of-materials software-composition-analysis software-supply-chain-security

Created 2021-12-30

939 commits to master branch, last one a day ago

chain-bench aquasecurity

61

705

apache-2.0

11

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

go cis golang vulnera security devsecops security-tools misconfiguration open-policy-agent software-supply-chain software-supply-chain-security

Created 2022-05-12

68 commits to main branch, last one about a month ago

openpubkey openpubkey

34

588

apache-2.0

15

Reference implementation of OpenPubkey

oauth2 identity cryptography openid-connect software-supply-chain-security

Created 2023-09-14

113 commits to main branch, last one 8 days ago

guarddog DataDog

38

514

apache-2.0

17

:snake: :mag: GuardDog is a CLI tool to Identify malicious PyPI and npm packages

npm python npm-packages pypi-packages python-security malicious-packages software-supply-chain-security

Created 2022-06-14

636 commits to main branch, last one 16 hours ago

awesome-software-supply-chain-security bureado

25

255

unknown

24

A compilation of resources in the software supply chain security domain, with emphasis on open source

sbom devsecops attestation awesome-list cve-scanning dependencies oss-compliance static-analysis package-management reproducible-builds supply-chain-attacks dependency-management software-supply-chain supply-chain-security security-vulnerability vulnerability-scanning vulnerability-management software-composition-analysis software-supply-chain-security

Created 2022-02-20

447 commits to main branch, last one about a year ago

minder stacklok

33

205

apache-2.0

19

Software Supply Chain Security Platform

security supply-chain software-supply-chain software-supply-chain-security

Created 2023-04-05

3,332 commits to main branch, last one 16 hours ago

attestation in-toto

44

202

other

21

in-toto Attestation Framework

attestation software-supply-chain-security

Created 2021-04-01

623 commits to main branch, last one 3 days ago

birdcage phylum-dev

3

174

gpl-3.0

8

Cross-platform embeddable sandboxing

malware sandbox security security-tools secure-software-supply-chain software-supply-chain-security

Created 2022-08-25

68 commits to main branch, last one about a month ago

malicious-software-packages-dataset DataDog

15

115

apache-2.0

9

An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.

dataset guarddog malicious-packages software-supply-chain-security

Created 2023-03-20

70 commits to main branch, last one 20 hours ago

Software-Supply-Chain-Security vishalgarg-sec

12

114

unknown

6

A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the ...

vex cncf sbom slsa owasp openssf attestations software-security open-source-security supply-chain-attacks dependency-management software-transparency supply-chain-security vulnerability-management software-bill-of-material software-supply-chain-security

Created 2023-07-28

88 commits to main branch, last one 4 months ago

sbomnix tiiuae

19

100

unknown

8

A suite of utilities to help with software supply chain challenges on nix targets

cpe nix purl sbom python security cyclonedx sbom-tool spdx-sbom dependencies sbom-generator static-analysis bill-of-materials software-supply-chain vulnerability-scanners software-bill-of-materials software-supply-chain-security

Created 2022-12-08

244 commits to main branch, last one 2 days ago

cli phylum-dev

10

99

gpl-3.0

7

Command line interface for the Phylum API

cli rust malware security supply-chain security-scan vulnerabilities malware-detection software-supply-chain secure-software-supply-chain software-supply-chain-security

Created 2021-03-19

992 commits to main branch, last one 3 days ago

compage intelops

20

79

apache-2.0

2

Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Oper...

Created 2022-06-14

975 commits to main branch, last one 2 days ago

argocd-interlace argoproj-labs

10

76

apache-2.0

8

Enabling Software Supply Chain Security Capabilities in ArgoCD

argocd in-toto sigstore software-supply-chain-security

Created 2021-08-04

23 commits to main branch, last one about a year ago

community in-toto

8

51

unknown

7

in-toto is a framework to secure the software supply chain.

cncf in-toto software-supply-chain software-supply-chain-security

Created 2022-11-10

28 commits to main branch, last one 17 days ago

awesome-software-supply-chain-security meta-fun

3

38

apache-2.0

5

Sharing software supply chain security open source projects

cicd sast sbom devops security kubernetes supply-chain security-tools dependency-analysis software-supply-chain supply-chain-security vulnerability-scanner software-composition-analysis software-supply-chain-security

Created 2022-02-18

18 commits to main branch, last one about a year ago