Alternatives and similar repositories for yardstick:

Users that are interested in yardstick are comparing it to the libraries listed below

• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated last year
• anchore / chronicle
  a fast changelog generator sourced from PRs and Issues
  ☆53Updated this week
• anchore / grype-db
  ☆47Updated this week
• ossf / ossf-landscape
  ☆29Updated this week
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆92Updated last week
• chainguard-dev / github-audit-alerter
  Slack alert bot for matching Github Audit Events
  ☆10Updated 5 months ago
• interlynk-io / sbomgr
  SBOM Grep - search through SBOMs
  ☆22Updated last month
• aquasecurity / cfsec
  Static analysis for CloudFormation templates to identify common misconfiguration
  ☆57Updated 3 years ago
• VexStore / fatbom
  fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…
  ☆32Updated 2 years ago
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated 2 years ago
• ossf / scorecard-webapp
  Website and API for OpenSSF Scorecard
  ☆24Updated this week
• anchore / vulnerability-match-labels
  Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners
  ☆11Updated last month
• tacosframework / TACOS-spec
  TACOS framework structural details
  ☆20Updated last year
• chainguard-dev / maxcve
  ☆18Updated 3 weeks ago
• omnibor / site
  Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
  ☆21Updated 2 months ago
• philips-labs / slsa-provenance-action
  Github Action implementation of SLSA Provenance Generation
  ☆47Updated this week
• jsotiro / docker-multiscan
  A multi scanner for docker images. It drives Clair, Anchore, Trivy, Snyk, Grype, AWS ECR scans and consolidates the results.
  ☆14Updated last year
• IBM / sbom-utility
  This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility
  ☆60Updated last year
• microsoft / Threat-Matrix-for-Kubernetes
  Microsoft Defender for Cloud threat matrix for Kubernetes
  ☆23Updated 2 years ago
• ossf / scorecard-monitor
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆34Updated last month
• stacklok / frizbee
  Throw a tag at it and it comes back with a checksum.
  ☆116Updated this week
• anchore / binny
  Manage a directory of binaries without a package manager
  ☆28Updated this week
• octo-sts / action
  ☆42Updated 5 months ago
• anchore / grype-vscode
  Grype vulnerability check plugin for Visual Studio Code
  ☆22Updated 4 months ago
• philips-software / SPDXMerge
  SPDX Merge tool
  ☆43Updated last month
• wolfi-dev / tools
  Various tools, images, etc. to support the Wolfi OSS project
  ☆21Updated this week
• HaRo87 / mdbom
  Software Bill of Material (SBOM) to Markdown conversion
  ☆9Updated last year
• sigstore / rekor-monitor
  Log monitor for Rekor to verify immutability and monitor entries
  ☆31Updated this week
• cloud-gov / caulking
  Prevent leaks with gitleaks, and use tests to validate
  ☆32Updated this week
• aws / aws-signer-notation-plugin
  AWS Signer Plugin for Notation
  ☆12Updated this week