ForAllSecure / mapi-action

Related projects: ⓘ

• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated 5 months ago
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆108Updated 3 weeks ago
• in-toto / demo
  Securing Alice's, Bob's and Carl's software supply chain using in-toto
  ☆86Updated 2 weeks ago
• DependencyTrack / gh-upload-sbom
  Publishes BOMs to Dependency-Track from GitHub Actions
  ☆41Updated 3 weeks ago
• semgrep / semgrep-vscode
  Semgrep extension for Visual Studio Code
  ☆53Updated last week
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆68Updated last year
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆92Updated 6 months ago
• omnibor / spec
  A draft standard for communicating a cryptographic record of build inputs for software artifacts.
  ☆23Updated 10 months ago
• ossf / Project-Security-Metrics
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Updated 6 months ago
• in-toto / supply-chain-compromises
  ☆22Updated 2 years ago
• google / oss-rebuild
  Securing open-source package ecosystems by originating, validating, and augmenting build attestations.
  ☆23Updated last week
• thought-machine / dracon
  Security scanning & static analysis tool
  ☆92Updated last year
• chainguard-dev / darkfiles
  Darkfiles finds orphaned files in container images and makes them to bad deeds
  ☆41Updated last year
• bomctl / bomctl
  Format agnostic SBOM tooling
  ☆63Updated this week
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆69Updated this week
• slsa-framework / github-actions-demo
  Proof-of-concept SLSA provenance generator for GitHub Actions
  ☆99Updated last year
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆176Updated this week
• github / ossar-action
  Run multiple open source security static analysis tools without the added complexity with OSSAR (Open Source Static Analysis Runner).
  ☆94Updated 5 months ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆42Updated last year
• anthonyharrison / sbom4python
  A tool to generate a SBOM (Software Bill of Materials) for an installed Python module
  ☆25Updated 3 weeks ago
• philips-software / SPDXMerge
  SPDX Merge tool
  ☆39Updated last week
• chainguard-dev / justtrustme
  ☆51Updated 6 months ago
• omnibor / site
  Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
  ☆21Updated last week
• tacosframework / TACOS-spec
  TACOS framework structural details
  ☆19Updated 9 months ago
• in-toto / community
  in-toto is a framework to secure the software supply chain.
  ☆66Updated 2 months ago
• secure-systems-lab / dsse
  A specification for signing methods and formats used by Secure Systems Lab projects.
  ☆66Updated last week
• ForAllSecure / mayhem-examples
  Mayhem example templates for programming languages and fuzzers that you love!
  ☆26Updated 8 months ago
• microsoft / bandit-sarif-formatter
  A report formatter for Bandit (a Python security analyzer) that produces output in the SARIF format.
  ☆18Updated last year
• aquasecurity / cfsec
  Static analysis for CloudFormation templates to identify common misconfiguration
  ☆58Updated 2 years ago
• sigstore / protobuf-specs
  Protocol Buffer specifications
  ☆22Updated last week