Alternatives and similar repositories for cve-data-enrichment:

Users that are interested in cve-data-enrichment are comparing it to the libraries listed below

• anchore / nvd-data-overrides
  ☆47Updated this week
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆16Updated this week
• Vulnetix / vulnetix
  Automate vulnerability triage which prioritizes remediation over discovery
  ☆16Updated this week
• anthonyharrison / lib4vex
  Library to ingest and generate VEX documents
  ☆15Updated 2 months ago
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆94Updated this week
• CycloneDX / transparency-exchange-api
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆78Updated last week
• anchore / grype-db
  ☆48Updated this week
• jgamblin / cve.icu
  CVE.ICU code.
  ☆41Updated this week
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆21Updated last year
• KaanSK / go-epss
  A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).
  ☆28Updated 2 months ago
• anchore / vulnerability-match-labels
  Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners
  ☆11Updated last month
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆87Updated this week
• meta-fun / awesome-software-supply-chain-security
  Sharing software supply chain security open source projects
  ☆49Updated 2 years ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆46Updated last year
• CloudSecurityAlliance / gsd-tools
  Global Security Database Tools
  ☆42Updated last year
• sbomify / sbomify
  sbomify is an SBOM management platform.
  ☆24Updated this week
• ramimac / breach-list-database
  A meta-database collecting resources that compile lists of breaches
  ☆18Updated 5 months ago
• interlynk-io / sbomgr
  SBOM Grep - search through SBOMs
  ☆25Updated 2 months ago
• devops-kung-fu / trustier
  Takes a software bill of materials and outputs provenance, and activity data from trustypkg.dev
  ☆11Updated 6 months ago
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆71Updated last year
• communitysec / sbom-hall-of-fame
  A place for the InfoSec community to share and celebrate real stories of organizations successfully using SBOMs (and other bills of mater…
  ☆42Updated last year
• spdx / ntia-conformance-checker
  Check SPDX SBOM for NTIA minimum elements
  ☆61Updated 3 weeks ago
• aquasecurity / cfsec
  Static analysis for CloudFormation templates to identify common misconfiguration
  ☆57Updated 3 years ago
• nianticlabs / modron
  Modron - Cloud security compliance
  ☆33Updated 4 months ago
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated 2 years ago
• FIRSTdotorg / cvss-v4-calculator
  CVSS v4.0 calculator
  ☆29Updated 8 months ago
• CloudSecurityAlliance / gsd-project
  Global Security Database Project
  ☆28Updated 2 years ago
• chainguard-dev / ghscan
  Scan GitHub Actions Workflow logs for IOCs
  ☆15Updated this week
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious PyPI and npm packages
  ☆138Updated this week
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆78Updated 4 months ago