Alternatives and similar repositories for OVAL:

Users that are interested in OVAL are comparing it to the libraries listed below

• oasis-open / csaf-parser
  OASIS TC Open Repository: CSAF Parser tool for parsing and checking the syntax of the Common Vulnerability Reporting Framework (CVRF) con…
  ☆23Updated 2 years ago
• OVALProject / Language
  The OVAL Language Schemas
  ☆87Updated 4 months ago
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• mitre / mitre-saf
  Landing Page Content/Builder for MITRE Security Automation Framework
  ☆28Updated last week
• ComplianceAsCode / ComplianceAsCode.github.io
  A ComplianceAsCode blog
  ☆26Updated this week
• kannkyo / epss-api
  EPSS(Exploit Prediction Scoring System) API client
  ☆18Updated this week
• usnistgov / sctools
  Tools for security content automation, baseline tailoring, and overlay development.
  ☆43Updated 5 months ago
• swagitda / security-decision-trees-graphviz
  Decision trees generated via Graphviz to inform pragmatic threat modelling.
  ☆10Updated 4 years ago
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆61Updated last month
• joval / jOVAL
  An open-source JAXB data model for SCAP specification formats.
  ☆57Updated 2 years ago
• ptdropper / CVE-Scanner-for-your-SW-BOM
  CVE Vulnerability scanner of your software bill of materials (SBOM). ASCII text input.
  ☆17Updated 4 years ago
• vfeedio / pyvfeed
  Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions
  ☆99Updated last year
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆60Updated last month
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆17Updated 3 months ago
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆136Updated this week
• COVAIL / MITRE_NIST
  A Crowdsourcing Exchange for mapping various sources of security vulnerabilities, exposures, threats, and controls data
  ☆26Updated 5 years ago
• FIRSTdotorg / cvss-v4-calculator
  CVSS v4.0 calculator
  ☆28Updated 5 months ago
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆21Updated last year
• GSA / oscal-ssp-to-word
  ☆16Updated 3 years ago
• meta-fun / awesome-software-supply-chain-security
  Sharing software supply chain security open source projects
  ☆43Updated 2 years ago
• OWASP / OdTM
  OWASP Ontology-driven Threat Modelling framework
  ☆37Updated last year
• Threagile / run-threagile-action
  GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file
  ☆13Updated 8 months ago
• OVALProject / Test-Content
  A set of OVAL Definitions that provides a simple way to test the capability of OVAL Definition Evaluators.
  ☆26Updated 8 years ago
• mitre-attack / attack-workbench-taxii-server
  An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…
  ☆28Updated 2 months ago
• mal-lang / exampleLang
  A MAL language that demonstrates the Maven project structure
  ☆23Updated 2 years ago
• ComplianceAsCode / oscal
  OSCAL SSP content for technologies shipped by Red Hat
  ☆15Updated last year
• docker-archive / oscalkit
  NIST OSCAL SDK and CLI
  ☆37Updated 4 years ago
• OTRF / sigma
  Generic Signature Format for SIEM Systems
  ☆14Updated 3 years ago
• usnistgov / vulntology
  Development of the NIST vulnerability data ontology (Vulntology).
  ☆37Updated 8 months ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆61Updated 7 months ago