Quobis / action-owasp-dependecy-track-checkLinks
Github action to generate BoM and upload to OWASP dependency track for vulnerability analysis
☆42Updated 9 months ago
Alternatives and similar repositories for action-owasp-dependecy-track-check
Users that are interested in action-owasp-dependecy-track-check are comparing it to the libraries listed below
Sorting:
- SBOM Assess - Evaluate SBOM quality and compliance☆220Updated last week
- NextJS-based single-page application for completing and reviewing SAMM assessments☆76Updated 2 years ago
- Publishes BOMs to Dependency-Track from GitHub Actions☆54Updated 9 months ago
- Generate a score for your sbom to understand if it will actually be useful.☆230Updated 11 months ago
- Enrich SBOMs with data from third party services☆178Updated 3 months ago
- A BOM repository server for distributing CycloneDX BOMs☆77Updated 2 weeks ago
- GitHub Advanced Security Policy as Code☆84Updated 2 weeks ago
- Examples of integrating the Snyk CLI into a CI/CD system☆92Updated 7 months ago
- ☆116Updated this week
- Core model including reused documentation☆98Updated last month
- Software Component Verification Standard (SCVS)☆148Updated 3 months ago
- CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.☆381Updated last week
- A standard API specification for exchanging supply chain artifacts and intelligence☆83Updated 2 weeks ago
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆571Updated 3 months ago
- Count distinct contributor of Snyk watched repos across several SCM☆32Updated last year
- GitHub action to generate a CycloneDX SBOM for .NET☆11Updated last year
- An open-source collection of API key rotation tutorials.☆70Updated 3 weeks ago
- Utility that provides an API and CLI to identify licenses and legal terms☆50Updated this week
- ☆530Updated last week
- boostsecurityio/poutine☆306Updated 2 weeks ago
- A tool for preventing the installation of malicious npm and PyPI packages☆150Updated last week
- OWASP Foundation Web Respository☆55Updated 2 years ago
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…☆210Updated last month
- Github action to run dependency check☆82Updated last month
- Utility that provides an API platform for validating, querying and managing BOM data☆116Updated this week
- A GitHub Action for running the ZAP Baseline scan☆331Updated 3 weeks ago
- OWASP Foundation Web Respository☆97Updated 5 months ago
- The security workflow engine!☆117Updated last week
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆196Updated 3 months ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆172Updated 7 months ago