CycloneDX / sbom-comparator
Lockheed Martin developed utility to compare two CycloneDX SBOMs
☆19Updated 3 years ago
Alternatives and similar repositories for sbom-comparator
Users that are interested in sbom-comparator are comparing it to the libraries listed below
Sorting:
- Lockheed Martin developed utility to combine multiple CycloneDX SBOMs☆12Updated 2 years ago
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Updated 3 months ago
- ☆114Updated last month
- List of SBOM Generation Tools☆23Updated 2 months ago
- SBOM Explorer - Discover and pull public SBOMs☆18Updated this week
- Log4Shell CVE-2021-44228 mitigation tester☆16Updated 3 years ago
- Measure release insights and recommendations for open-source dependencies. Note: this project is archived.☆11Updated 2 years ago
- SBOM Edit - Conditional edits and merging of SBOMs☆69Updated this week
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆21Updated 2 years ago
- Automating Compliance Tooling Project☆21Updated 3 years ago
- Utility that provides an API platform for validating, querying and managing BOM data☆109Updated 3 weeks ago
- Implementation of SCIM☆31Updated 11 months ago
- CycloneDX SBOM Model and Utils for Creating and Validating BOMs☆93Updated last week
- Examples of using Snyk's SBOM APIs.☆16Updated 2 years ago
- A BOM repository server for distributing CycloneDX BOMs☆77Updated last year
- A taxonomy of all official CycloneDX property namespaces and names☆16Updated last month
- The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.☆53Updated last week
- ☆100Updated 7 months ago
- Report missing advisories and corrections on OSS Index☆17Updated 2 years ago
- This project aims to standardize the representation and management of EOL and EOS product information across the industry.☆29Updated last year
- A place to systematically store software bill of materials (SBOM) documents.☆46Updated last year
- Go module to generate and transform VEX documents☆40Updated last week
- sigstore maven plugin☆18Updated 9 months ago
- OpenSSF Endusers Working Group☆28Updated last year
- A draft standard for communicating a cryptographic record of build inputs for software artifacts.☆24Updated 3 weeks ago
- Automate vulnerability triage which prioritizes remediation over discovery☆18Updated this week
- Utility that provides an API and CLI to identify licenses and legal terms☆44Updated 11 months ago
- TACOS framework structural details☆20Updated last year
- The ultimate Java library for Troy Hunt's ';-- Have I Been Pwned (v3).☆14Updated 2 years ago
- Generate a score for your sbom to understand if it will actually be useful.☆229Updated 9 months ago