Alternatives and similar repositories for OVAL

Users that are interested in OVAL are comparing it to the libraries listed below

• Vulnogram / Vulnogram
  Vulnogram is a tool for creating and editing CVE information in CVE JSON format
  ☆204Updated last week
• usnistgov / sctools
  Tools for security content automation, baseline tailoring, and overlay development.
  ☆44Updated last year
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆69Updated 3 weeks ago
• mitre / vulcan
  A web application to streamline the development of STIGs from SRGs
  ☆80Updated last week
• mitre / saf
  The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…
  ☆166Updated last week
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆166Updated this week
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆81Updated 3 weeks ago
• mitre / heimdall2
  Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.
  ☆239Updated this week
• ComplianceAsCode / ComplianceAsCode.github.io
  A ComplianceAsCode blog
  ☆29Updated last month
• FIRSTdotorg / epss
  Exploit Prediction Scoring System (EPSS)
  ☆30Updated 3 years ago
• secvisogram / secvisogram
  Secvisogram is a web tool for creating and editing security advisories in the CSAF 2.0 format
  ☆39Updated last week
• cairis-platform / cairis
  Computer Aided Integration of Requirements and Information Security - Server
  ☆165Updated last year
• OpenSCAP / scap-workbench
  SCAP Scanner And Tailoring Graphical User Interface
  ☆233Updated last year
• CISecurity / OVALRepo
  ☆280Updated 2 years ago
• oasis-tcs / csaf
  OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…
  ☆194Updated last week
• FIRSTdotorg / Vuln4Cast
  A collection of data fetchers, and simple quarterly and yearly CVE forecasting models.
  ☆43Updated 3 weeks ago
• CycloneDX / bom-examples
  A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
  ☆205Updated last week
• opencybersecurityalliance / documentation
  OCA-wide documentation shared by all sub-projects and repositories
  ☆33Updated last year
• OVALProject / Language
  The OVAL Language Schemas
  ☆87Updated last year
• ossf / wg-vulnerability-disclosures
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆201Updated 3 weeks ago
• CVEProject / automation-working-group
  CVE Automation Working Group
  ☆176Updated last week
• CloudSecurityAlliance / gsd-tools
  Global Security Database Tools
  ☆43Updated last year
• docker-archive / oscalkit
  NIST OSCAL SDK and CLI
  ☆38Updated 5 years ago
• brian-ruf / OSCAL-GUI
  Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI
  ☆45Updated 5 years ago
• OWASP / OdTM
  OWASP Ontology-driven Threat Modelling framework
  ☆41Updated 2 years ago
• usnistgov / oscal-tools
  Tools for the OSCAL project
  ☆36Updated 2 years ago
• usnistgov / oscal-deep-diff
  Open Security Controls Assessment Language (OSCAL) Deep Differencing Tool
  ☆38Updated 2 years ago
• oasis-open / cti-stix-common-objects
  OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi…
  ☆96Updated 4 months ago
• mitre / emasser
  eMASSer is a command-line interface (CLI) that aims to automate routine business use-cases and provide utility surrounding the Enterprise…
  ☆45Updated 2 weeks ago
• swagitda / security-decision-trees-graphviz
  Decision trees generated via Graphviz to inform pragmatic threat modelling.
  ☆11Updated 4 years ago