Alternatives and similar repositories for blackduck-docker-inspector

Users that are interested in blackduck-docker-inspector are comparing it to the libraries listed below

• blackducksoftware / detect
  Scanning and analysis for Black Duck SCA products.
  ☆187Updated this week
• OtherDevOpsGene / zap-sonar-plugin
  Integrates OWASP Zed Attack Proxy reports into SonarQube
  ☆72Updated 3 months ago
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• blackducksoftware / hub
  Black Duck Docker Orchestration Files/Documentation
  ☆130Updated last week
• aquasecurity / fanal
  Static Analysis Library for Containers
  ☆197Updated 2 years ago
• secureCodeBox / secureCodeBox-v2
  This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.
  ☆24Updated 5 years ago
• k8s-sec / k8s-sec.github.io
  Links and resources for the O'Reilly Kubernetes Security book
  ☆100Updated 4 years ago
• aquasecurity / docker-bench
  Checks whether Docker is deployed according to security best practices as defined in the CIS Docker Benchmark
  ☆222Updated 9 months ago
• jenkinsci / dependency-check-plugin
  Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
  ☆137Updated this week
• anchore / harbor-scanner-adapter
  Harbor Scanner Adapter for Anchore Engine and Enterprise
  ☆39Updated last week
• OWASP / Container-Security-Verification-Standard
  Container Security Verification Standard
  ☆58Updated 6 years ago
• anchore / ci-tools
  Contains scripts for running anchore engine in CI pipelines
  ☆34Updated 3 years ago
• CycloneDX / bom-examples
  A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
  ☆207Updated 3 weeks ago
• CycloneDX / license-scanner
  Utility that provides an API and CLI to identify licenses and legal terms
  ☆53Updated 4 months ago
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆150Updated 7 months ago
• anchore / anchore-cli
  Simple command-line client to the Anchore Engine service
  ☆113Updated last year
• sonatype-nexus-community / ahab
  ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.
  ☆68Updated last year
• in-toto / demo
  Securing Alice's, Bob's and Carl's software supply chain using in-toto
  ☆99Updated last month
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆99Updated last week
• ossf / s2c2f
  The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…
  ☆215Updated 5 months ago
• CycloneDX / sbom-utility
  Utility that provides an API platform for validating, querying and managing BOM data
  ☆122Updated last month
• aquasecurity / harbor-scanner-aqua
  Aqua Enterprise scanner as a plug-in vulnerability scanner in the Harbor registry
  ☆36Updated last year
• docker / sbom-cli-plugin
  Plugin for Docker CLI to support SBOM creation using Syft
  ☆160Updated last week
• RIGS-IT / sonar-xanitizer
  Integrates Xanitizer results into SonarQube
  ☆21Updated 4 years ago
• mauilion / blackhat-2019
  ☆51Updated 5 years ago
• stevespringett / cvss-calculator
  A Java library for calculating CVSSv2, CVSSv3, and CVSSv4 scores and vectors
  ☆49Updated last week
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆61Updated 5 months ago
• octarinesec / kccss
  Kubernetes Common Configuration Scoring System
  ☆122Updated 3 years ago
• CERTCC / SBOM
  Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
  ☆65Updated last year
• ossf / wg-vulnerability-disclosures
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆203Updated last month