Alternatives and similar repositories for osv-detector:

Users that are interested in osv-detector are comparing it to the libraries listed below

• trufflesecurity / how-to-rotate
  An open-source collection of API key rotation tutorials.
  ☆63Updated 2 months ago
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆158Updated last week
• IBM / sbom-utility
  This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility
  ☆61Updated last year
• CycloneDX / cyclonedx-bom-repo-server
  A BOM repository server for distributing CycloneDX BOMs
  ☆75Updated 11 months ago
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆191Updated last week
• ossf / malicious-packages
  A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…
  ☆289Updated this week
• ossf / security-insights-spec
  OPENSSF SECURITY INSIGHTS: Repository for development of the draft standard, where requests for modification should be made via Github Is…
  ☆56Updated last month
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆83Updated this week
• interlynk-io / sbomgr
  SBOM Grep - search through SBOMs
  ☆21Updated this week
• MaibornWolff / SecObserve
  SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor…
  ☆113Updated this week
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆225Updated 6 months ago
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆254Updated last week
• philips-software / SPDXMerge
  SPDX Merge tool
  ☆41Updated 5 months ago
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆105Updated this week
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆82Updated this week
• DependencyTrack / gh-upload-sbom
  Publishes BOMs to Dependency-Track from GitHub Actions
  ☆50Updated 4 months ago
• openvex / spec
  OpenVEX Specification
  ☆141Updated 7 months ago
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated last year
• elementsinteractive / twyn
  Security tool against dependency typosquatting attacks
  ☆39Updated last week
• vishalgarg-sec / Software-Supply-Chain-Security
  A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…
  ☆130Updated last year
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆119Updated last month
• bomctl / bomctl
  Format agnostic SBOM tooling
  ☆99Updated this week
• anchore / nvd-data-overrides
  ☆47Updated this week
• spdx / spdx-to-osv
  Produce an Open Source Vulnerability JSON file based on information in an SPDX document
  ☆63Updated 8 months ago
• meta-fun / awesome-software-supply-chain-security
  Sharing software supply chain security open source projects
  ☆45Updated 2 years ago
• smithy-security / smithy
  The security workflow engine!
  ☆95Updated this week
• ossf / ossf-landscape
  ☆27Updated this week
• CycloneDX / sbom-utility
  Utility that provides an API platform for validating, querying and managing BOM data
  ☆102Updated 3 months ago
• ossf / wg-securing-software-repos
  OpenSSF Working Group on Securing Software Repositories
  ☆98Updated 3 months ago
• Checkmarx / dustilock
  DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
  ☆35Updated 3 years ago