IBM / cbomkit-theia
A tool for detecting cryptographic assets in container images and directories, and generating CBOMs.
☆14Updated this week
Alternatives and similar repositories for cbomkit-theia:
Users that are interested in cbomkit-theia are comparing it to the libraries listed below
- A toolset for dealing with Cryptography Bill of Materials (CBOM)☆28Updated last week
- This repository contains a SonarQube Plugin that detects cryptographic assets in source code and generates CBOM.☆33Updated last week
- A standard API specification for exchanging supply chain artifacts and intelligence☆78Updated last week
- OpenVEX Specification☆145Updated 3 weeks ago
- Cryptography Bill of Materials☆67Updated 2 months ago
- A place to systematically store software bill of materials (SBOM) documents.☆46Updated last year
- Format agnostic SBOM tooling☆105Updated this week
- Report on quality of SBOM contents☆17Updated 4 months ago
- Visualizer for GUAC☆29Updated last month
- in-toto is a framework to secure the software supply chain.☆70Updated 3 months ago
- ☆62Updated 9 months ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆74Updated last year
- Network Cryptography Monitor - using eBPF, written in python☆28Updated 3 weeks ago
- TACOS framework structural details☆20Updated last year
- PQC Transition Tools Index☆29Updated last month
- SBOM quality score - Quality metrics for your sboms☆206Updated this week
- Machine-readable specification for the attestation of security-relevant data.☆59Updated last week
- ☆71Updated 3 months ago
- SPDX Merge tool☆43Updated this week
- Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security☆75Updated 6 months ago
- SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom.☆69Updated this week
- ☆25Updated last year
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆93Updated last week
- Utility that provides an API platform for validating, querying and managing BOM data☆108Updated this week
- A TUF repository and signing tool☆33Updated this week
- ☆81Updated this week
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Updated 2 years ago
- A tool to create, transform and attest VEX metadata☆134Updated this week
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- DevGuard Backend - Secure your Software Supply Chain - Attestation-based compliance as Code, manage your CVEs seamlessly, Integrate your …☆66Updated last week