Alternatives and similar repositories for blackduck-docker-inspector

Users that are interested in blackduck-docker-inspector are comparing it to the libraries listed below

• blackducksoftware / detect
  Scanning and analysis for Black Duck SCA products.
  ☆185Updated this week
• OtherDevOpsGene / zap-sonar-plugin
  Integrates OWASP Zed Attack Proxy reports into SonarQube
  ☆72Updated 2 months ago
• anchore / harbor-scanner-adapter
  Harbor Scanner Adapter for Anchore Engine and Enterprise
  ☆40Updated this week
• jenkinsci / dependency-check-plugin
  Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
  ☆138Updated this week
• aquasecurity / docker-bench
  Checks whether Docker is deployed according to security best practices as defined in the CIS Docker Benchmark
  ☆220Updated 8 months ago
• anchore / anchore-cli
  Simple command-line client to the Anchore Engine service
  ☆114Updated last year
• OWASP / sonarqube
  OWASP SonarQube Project
  ☆110Updated 6 years ago
• k8s-sec / k8s-sec.github.io
  Links and resources for the O'Reilly Kubernetes Security book
  ☆99Updated 4 years ago
• anchore / ci-tools
  Contains scripts for running anchore engine in CI pipelines
  ☆34Updated 3 years ago
• jenkinsci / anchore-container-scanner-plugin
  Jenkins plugin that adds Anchore container image analysis and policy evaluation to Jenkins as a build step
  ☆30Updated 9 months ago
• docker / sbom-cli-plugin
  Plugin for Docker CLI to support SBOM creation using Syft
  ☆156Updated last month
• sonatype / docker-nexus-iq-server
  Dockerized version of Nexus IQ Server
  ☆26Updated 3 weeks ago
• rht-labs / owasp-zap-openshift
  A Docker build for OWASP Zed Attack Proxy to be used in CI/CD pipelines
  ☆29Updated 5 years ago
• octarinesec / kccss
  Kubernetes Common Configuration Scoring System
  ☆123Updated 3 years ago
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆150Updated 6 months ago
• anchore / grype-vscode
  Grype vulnerability check plugin for Visual Studio Code
  ☆23Updated 9 months ago
• ShiftLeftSecurity / HelloShiftLeft
  ☆11Updated last year
• secureCodeBox / secureCodeBox-v2
  This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.
  ☆24Updated 4 years ago
• in-toto / demo
  Securing Alice's, Bob's and Carl's software supply chain using in-toto
  ☆97Updated this week
• aquasecurity / fanal
  Static Analysis Library for Containers
  ☆198Updated 2 years ago
• stevespringett / cvss-calculator
  A Java library for calculating CVSSv2 and CVSSv3 scores and vectors
  ☆47Updated 9 months ago
• CycloneDX / bom-examples
  A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
  ☆203Updated 5 months ago
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• goharbor / pluggable-scanner-spec
  Open API spec definition for the scanners that can be plugged into Harbor to do artifact scanning.
  ☆26Updated last year
• aquasecurity / harbor-scanner-aqua
  Aqua Enterprise scanner as a plug-in vulnerability scanner in the Harbor registry
  ☆36Updated last year
• sonatype-nexus-community / ahab
  ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.
  ☆68Updated last year
• jenkinsci / aqua-microscanner-plugin
  Enables scanning of docker builds in Jenkins for OS package vulnerabilities.
  ☆35Updated 2 years ago
• OWASP / www-project-kubernetes-security-testing-guide
  OWASP Kubernetes Security Testing Guide
  ☆38Updated last year
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆97Updated last week
• hacking-kubernetes / hacking-kubernetes.info
  book website
  ☆71Updated 3 years ago