fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool's strength.
☆32Oct 24, 2022Updated 3 years ago
Alternatives and similar repositories for fatbom
Users that are interested in fatbom are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).☆12Jul 12, 2025Updated 11 months ago
- fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…☆11May 11, 2026Updated last month
- Transparenty Immutable Container Image Tags☆20Jul 5, 2023Updated 2 years ago
- A kubectl plugin to explore ingresses -> services -> workloads☆17Jun 1, 2020Updated 6 years ago
- ☆10Oct 16, 2025Updated 8 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts☆19Updated this week
- SPDX Merge tool☆51May 18, 2026Updated last month
- Linux agent used to submit realtime SBOMs and dependency usage information to EdgeBit☆15Jan 24, 2025Updated last year
- Dynamic GitHub Actions from Wolfi packages☆45May 5, 2026Updated last month
- A GitHub action for organizations that enables advanced security code scanning on all new repos☆42Jun 11, 2026Updated 2 weeks ago
- Dashboards and report templates for reporting developer-related metrics inspired by some popular developer productivity frameworks..☆21May 6, 2025Updated last year
- ☆84Apr 26, 2024Updated 2 years ago
- A Java implementation of in-toto runlib☆11Jul 23, 2024Updated last year
- Need to centrally manage and run Actions workflows across multiple repositories? This app does it for you.☆137Apr 30, 2024Updated 2 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Diagrams to visually learn Falco and its eBPF probe☆15Jun 24, 2021Updated 5 years ago
- GitHub Advanced Security Pull Request Security Team required review GitHub App☆37Jun 23, 2026Updated last week
- ☆10Mar 26, 2026Updated 3 months ago
- kernel exploit POC for vulnerability i found in amd gpu driver☆10Jan 6, 2023Updated 3 years ago
- SBOM Move - Automate build and transfer of SBOMs across systems☆27May 4, 2026Updated last month
- Submit SBOMs to GitHub's dependency submission API☆19Dec 4, 2025Updated 6 months ago
- This is the GitHub repo of the OpenChain SBOM Study Group☆12Jun 24, 2026Updated last week
- Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners☆14Jun 11, 2026Updated 2 weeks ago
- Get and convert job summaries to Md, PDF, and HTML☆10Nov 20, 2025Updated 7 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Fedora Cyber Test Lab offers quantitative static and dynamic risk analysis of binaries☆13Feb 11, 2018Updated 8 years ago
- ☆14Jan 11, 2015Updated 11 years ago
- List of SBOM Generation Tools☆34Mar 7, 2025Updated last year
- 書籍『AIセキュリティから学ぶ ディープラーニング[技術]入門]』(技術評論者発行)で利用するソースコードを掲載しています(公式)。☆13Dec 12, 2020Updated 5 years ago
- ☆17Jan 11, 2022Updated 4 years ago
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆22May 4, 2023Updated 3 years ago
- Commandline tool for interactive container troubleshooting.☆52Jan 27, 2023Updated 3 years ago
- GitHub Action to reject approval of a pull request by any committer to that pull request☆13Jun 18, 2024Updated 2 years ago
- This is the OpenChain Telco Work Group☆20Updated this week
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…☆56Jan 26, 2026Updated 5 months ago
- An action to perform the required checks for complex pull request approval cases☆11Sep 4, 2023Updated 2 years ago
- Utility that converts SBOM documents from CycloneDX to SPDX☆34Jan 19, 2024Updated 2 years ago
- JetBrains IDE plugin for displaying SARIF from GHAS or from a local file☆10Jun 23, 2026Updated last week
- Automatically remove inactive Copilot licenses☆20Nov 20, 2025Updated 7 months ago
- Vulnerability Management with SBOM☆20Updated this week
- A container based toolkit for creating easy to assemble Ansible demos, labs, workshops, and PoCs☆11Jan 22, 2023Updated 3 years ago