blackducksoftware / hub
Black Duck Docker Orchestration Files/Documentation
☆118Updated 2 weeks ago
Related projects: ⓘ
- Scanning and analysis for Synopsys products.☆156Updated this week
- HUB REST API Python bindings☆89Updated last month
- A simple Java command-line utility to mirror the CVE JSON data from NIST.☆206Updated last year
- CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.☆297Updated this week
- CycloneDX SBOM Model and Utils for Creating and Validating BOMs☆80Updated this week
- Simple command-line client to the Anchore Engine service☆114Updated 2 months ago
- Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).☆129Updated 2 weeks ago
- ☆215Updated last week
- A set of scripts inspired by CIS Kubernetes Benchmark that checks best-practices of Kubernetes installations☆264Updated last year
- Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects☆287Updated last week
- A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…☆48Updated this week
- Use Trivy as a plug-in vulnerability scanner in the Harbor registry☆215Updated this week
- Frontend UI for Dependency-Track☆100Updated last week
- Integrates OWASP Zed Attack Proxy reports into SonarQube☆67Updated 10 months ago
- Checks whether Docker is deployed according to security best practices as defined in the CIS Docker Benchmark☆207Updated 5 months ago
- Contains scripts for running anchore engine in CI pipelines☆34Updated 2 years ago
- ☆20Updated 2 years ago
- NVD, Ubuntu, Alpine☆405Updated this week
- Command line tool to interact with Quay Clair☆16Updated last year
- Evaluation Framework for Dependency Analysis (EFDA)☆40Updated 2 years ago
- Main repository for the official Dependency-Track Jenkins plugin☆43Updated last week
- Run CoreOs Clair standalone☆254Updated 2 months ago
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆168Updated 3 months ago
- Support CI generation of SBOMs via golang tooling.☆396Updated 8 months ago
- CIS Docker Benchmark - InSpec Profile☆482Updated last year
- OpenSSF Security Tooling Working Group☆297Updated 4 months ago
- Static Analysis Library for Containers☆199Updated last year
- SPDX Tools☆126Updated last year
- SonarQube plugin for identifying hardcoded secrets, such as passwords, API keys, AWS credentials, etc..☆99Updated 9 months ago
- Checkmarx Scan and Result Orchestration☆88Updated this week