Alternatives and similar repositories for vulnerability-data-tools:

Users that are interested in vulnerability-data-tools are comparing it to the libraries listed below

• anchore / nvd-data-overrides
  ☆47Updated this week
• ossf / wg-vulnerability-disclosures
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆187Updated 3 weeks ago
• CycloneDX / transparency-exchange-api
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆78Updated last week
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆147Updated last week
• nyph-infosec / daggerboard
  ☆100Updated 7 months ago
• oasis-tcs / csaf
  OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…
  ☆170Updated last week
• openvex / spec
  OpenVEX Specification
  ☆147Updated 3 weeks ago
• CycloneDX / bom-examples
  A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
  ☆193Updated last week
• FIRSTdotorg / epss
  Exploit Prediction Scoring System (EPSS)
  ☆25Updated 2 years ago
• oasis-open / csaf-documentation
  OASIS TC Open Repository: A GitHub repository for management of non-normative information about the work of the CSAF Technical Committee,…
  ☆20Updated 2 months ago
• OWASP / OpenCRE
  ☆102Updated this week
• Vulnetix / python-ssvc
  Python implementation of Stakeholder-Specific Vulnerability Categorization (SSVC)
  ☆19Updated 4 months ago
• mitre / hipcheck
  Automatically assess and score software repositories for supply chain risk.
  ☆105Updated this week
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆64Updated last month
• ossf / security-baseline
  ☆81Updated this week
• ossf / wg-supply-chain-integrity
  Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …
  ☆181Updated last year
• opencybersecurityalliance / casp
  ☆19Updated 3 weeks ago
• enisaeu / CNW
  Advisories, guidance, best practice documents and more issued by members of the EU CSIRTs network, a network composed of EU Member States…
  ☆76Updated 2 weeks ago
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆94Updated this week
• cisagov / CSAF
  CISA CSAF Security Advisories
  ☆68Updated this week
• IBM / CBOM
  Cryptography Bill of Materials
  ☆67Updated 2 months ago
• OpenEoX / openeox
  This project aims to standardize the representation and management of EOL and EOS product information across the industry.
  ☆28Updated last year
• owaspsamm / core
  Core model including reused documentation
  ☆96Updated last month
• ossf / security-insights-spec
  Machine-readable specification for the attestation of security-relevant data.
  ☆59Updated last week
• CycloneDX / sbom-utility
  Utility that provides an API platform for validating, querying and managing BOM data
  ☆109Updated this week
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆88Updated this week
• opencybersecurityalliance / PACE
  Posture Attribute Collection and Evaluation
  ☆23Updated last year
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆198Updated 2 weeks ago
• madpah / vexy
  Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents
  ☆21Updated 3 months ago
• IQTLabs / software-supply-chain-compromises
  A dataset of software supply chain compromises. Please help us maintain it!
  ☆128Updated 2 years ago