Alternatives and similar repositories for blackduck-docker-inspector:

Users that are interested in blackduck-docker-inspector are comparing it to the libraries listed below

• stevespringett / vulndb-data-mirror
  A simple Java command-line utility to mirror the entire contents of VulnDB.
  ☆44Updated 2 months ago
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• blackducksoftware / detect
  Scanning and analysis for Black Duck SCA products.
  ☆170Updated this week
• aquasecurity / harbor-scanner-aqua
  Aqua Enterprise scanner as a plug-in vulnerability scanner in the Harbor registry
  ☆36Updated 4 months ago
• jenkinsci / dependency-check-plugin
  Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
  ☆134Updated 2 weeks ago
• jenkinsci / anchore-container-scanner-plugin
  Jenkins plugin that adds Anchore container image analysis and policy evaluation to Jenkins as a build step
  ☆29Updated 2 months ago
• jenkinsci / aqua-microscanner-plugin
  Enables scanning of docker builds in Jenkins for OS package vulnerabilities.
  ☆35Updated last year
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆86Updated this week
• CERTCC / SBOM
  Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
  ☆57Updated 10 months ago
• blackducksoftware / github-action
  Synopsys Detect integration with Github Actions
  ☆17Updated last year
• sonatype / docker-nexus-iq-server
  Dockerized version of Nexus IQ Server
  ☆26Updated 2 weeks ago
• OtherDevOpsGene / zap-sonar-plugin
  Integrates OWASP Zed Attack Proxy reports into SonarQube
  ☆70Updated last year
• sonatype-nexus-community / ahab
  ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.
  ☆68Updated 10 months ago
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆43Updated 2 years ago
• jenkinsci / zap-plugin
  The OWASP ZAP Jenkins Plugin extends the functionality of the ZAP security tool into a CI Environment.
  ☆58Updated 4 months ago
• CycloneDX / license-scanner
  Utility that provides an API and CLI to identify licenses and legal terms
  ☆43Updated 8 months ago
• spdx / spdx-to-osv
  Produce an Open Source Vulnerability JSON file based on information in an SPDX document
  ☆63Updated 8 months ago
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆140Updated 10 months ago
• anchore / grype-vscode
  Grype vulnerability check plugin for Visual Studio Code
  ☆22Updated 2 months ago
• secureCodeBox / secureCodeBox-v2
  This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.
  ☆24Updated 4 years ago
• anchore / harbor-scanner-adapter
  Harbor Scanner Adapter for Anchore Engine and Enterprise
  ☆37Updated this week
• spdx / ntia-conformance-checker
  Check SPDX SBOM for NTIA minimum elements
  ☆60Updated 2 weeks ago
• anchore / ci-tools
  Contains scripts for running anchore engine in CI pipelines
  ☆34Updated 2 years ago
• DependencyTrack / hyades
  Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services.
  ☆66Updated this week
• k8s-sec / k8s-sec.github.io
  Links and resources for the O'Reilly Kubernetes Security book
  ☆98Updated 4 years ago
• ptdropper / CVE-Scanner-for-your-SW-BOM
  CVE Vulnerability scanner of your software bill of materials (SBOM). ASCII text input.
  ☆17Updated 4 years ago
• snyk-labs / java-goof
  ☆92Updated 4 months ago
• victims / maven-security-versions
  Identify vulnerable libraries in Maven dependencies
  ☆46Updated 2 years ago
• aquasecurity / fanal
  Static Analysis Library for Containers
  ☆199Updated last year
• SAP / fosstars-rating-core
  A framework for defining ratings for open source projects. In particular, the framework offers a security rating for open source projects…
  ☆61Updated last month