Alternatives and similar repositories for sbom-comparator

Users that are interested in sbom-comparator are comparing it to the libraries listed below

• CycloneDX / sbom-combiner
  Lockheed Martin developed utility to combine multiple CycloneDX SBOMs
  ☆12Updated 2 years ago
• interlynk-io / sbomex
  SBOM Explorer - Discover and pull public SBOMs
  ☆20Updated 2 months ago
• eclipse-jbom / jbom
  ☆116Updated 3 months ago
• omnibor / site
  Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
  ☆21Updated 6 months ago
• cybeats / sbomgen
  List of SBOM Generation Tools
  ☆27Updated 5 months ago
• lhotari / log4shell-mitigation-tester
  Log4Shell CVE-2021-44228 mitigation tester
  ☆16Updated 3 years ago
• interlynk-io / sbomgr
  SBOM Search - Context aware search in SBOM repositories
  ☆28Updated last week
• i2-open / i2scim
  Implementation of SCIM
  ☆35Updated last year
• umbrellaassociates / opa-spicedb
  Open Policy Agent extension for Authzed SpiceDB
  ☆21Updated 9 months ago
• interlynk-io / sbomasm
  SBOM Edit - Conditional edits and merging of SBOMs
  ☆74Updated last week
• nyph-infosec / daggerboard
  ☆101Updated 10 months ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆46Updated 2 years ago
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆101Updated this week
• sonatype-nexus-community / ahab
  ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.
  ☆68Updated last year
• CycloneDX / sbom-utility
  Utility that provides an API platform for validating, querying and managing BOM data
  ☆117Updated this week
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆231Updated 11 months ago
• stevespringett / Alpine
  An opinionated scaffolding framework that jumpstarts Java projects with an API-first design, secure defaults, and minimal dependencies
  ☆63Updated last week
• act-project / TAC
  Automating Compliance Tooling Project
  ☆21Updated 3 years ago
• spdx / sbom-landscape
  SPDX SBOM Landscape
  ☆16Updated last year
• CycloneDX / cyclonedx-property-taxonomy
  A taxonomy of all official CycloneDX property namespaces and names
  ☆18Updated last week
• CycloneDX / cyclonedx-linux-generator
  Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions
  ☆48Updated last month
• zoom / viss
  ☆63Updated last year
• ozonru / cyclonedx-go
  Creates CycloneDX Software Bill-of-Materials (SBOM) from Go projects. So you can use it with DependencyTrack to monitor security issues i…
  ☆22Updated 5 years ago
• sigstore / sigstore-maven-plugin
  sigstore maven plugin
  ☆18Updated last year
• hexa-org / policy
  Repository for development of IDQL Policy Language
  ☆14Updated 9 months ago
• opossum-tool / OpossumUI
  A light-weight app to audit and inventory large codebases for open source license compliance.
  ☆66Updated this week
• philips-software / SPDXMerge
  SPDX Merge tool
  ☆46Updated 3 months ago
• openvex / go-vex
  Go module to generate and transform VEX documents
  ☆46Updated last week
• cyralinc / brewOPA
  A data access control framework for Open Policy Agent
  ☆37Updated last year