Alternatives and similar repositories for mapi-action

Users that are interested in mapi-action are comparing it to the libraries listed below

• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated last year
• usnistgov / swid-tools
  ☆13Updated last week
• ForAllSecure / mayhem-examples
  Mayhem example templates for programming languages and fuzzers that you love!
  ☆33Updated last year
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆16Updated this week
• anchore / grype-db
  ☆50Updated 2 weeks ago
• ossf / ossf-landscape
  ☆29Updated last week
• zapbot / zap-mgmt-scripts
  ZAP Management Scripts
  ☆23Updated 3 weeks ago
• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆41Updated last week
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆46Updated 2 years ago
• slsa-framework / github-actions-demo
  Proof-of-concept SLSA provenance generator for GitHub Actions
  ☆100Updated 2 years ago
• ossf / Project-Security-Metrics
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Updated last year
• OWASP / TimeGap-Theory
  An auto-scoring capture-the-flag game focusing on TOCTOU vulnerabilities
  ☆20Updated 4 years ago
• securesauce / precli
  Precaution CLI - command line static application security testing tool
  ☆24Updated last week
• fabric8-analytics / cvejob
  A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).
  ☆12Updated 2 years ago
• in-toto / demo
  Securing Alice's, Bob's and Carl's software supply chain using in-toto
  ☆93Updated 2 weeks ago
• sbomify / sbomify
  sbomify is an SBOM management platform.
  ☆24Updated this week
• secure-systems-lab / dsse
  A specification for signing methods and formats used by Secure Systems Lab projects.
  ☆79Updated 9 months ago
• omnibor / spec
  A draft standard for communicating a cryptographic record of build inputs for software artifacts.
  ☆26Updated 2 months ago
• theupdateframework / tuf-on-ci
  A TUF repository and signing tool
  ☆37Updated this week
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆95Updated last year
• aboutcode-org / purldb
  Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulner…
  ☆48Updated last week
• kaakaww / javaspringvulny
  javaspringvulny - a Spring Boot web application built wrong on purpose
  ☆19Updated 2 months ago
• listendev / lstn
  A CLI tool to analyze the behavior of your dependencies using listen.dev
  ☆12Updated last week
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• thought-machine / dracon
  Security scanning & static analysis tool
  ☆94Updated 8 months ago
• sigstore / protobuf-specs
  Sigstore's Protocol Buffer specifications
  ☆33Updated this week
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆122Updated 5 months ago
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆230Updated 10 months ago
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆176Updated 2 months ago
• uchi-mata / dostainer
  ☆29Updated 4 months ago