blackducksoftware / hub

Related projects: ⓘ

• blackducksoftware / synopsys-detect
  Scanning and analysis for Synopsys products.
  ☆156Updated this week
• blackducksoftware / hub-rest-api-python
  HUB REST API Python bindings
  ☆89Updated last month
• stevespringett / nist-data-mirror
  A simple Java command-line utility to mirror the CVE JSON data from NIST.
  ☆206Updated last year
• CycloneDX / cyclonedx-cli
  CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
  ☆297Updated this week
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆80Updated this week
• anchore / anchore-cli
  Simple command-line client to the Anchore Engine service
  ☆114Updated 2 months ago
• jenkinsci / dependency-check-plugin
  Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
  ☆129Updated 2 weeks ago
• aquasecurity / trivy-db
  ☆215Updated last week
• neuvector / kubernetes-cis-benchmark
  A set of scripts inspired by CIS Kubernetes Benchmark that checks best-practices of Kubernetes installations
  ☆264Updated last year
• CycloneDX / cyclonedx-maven-plugin
  Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
  ☆287Updated last week
• stevespringett / CPE-Parser
  A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…
  ☆48Updated this week
• aquasecurity / harbor-scanner-trivy
  Use Trivy as a plug-in vulnerability scanner in the Harbor registry
  ☆215Updated this week
• DependencyTrack / frontend
  Frontend UI for Dependency-Track
  ☆100Updated last week
• OtherDevOpsGene / zap-sonar-plugin
  Integrates OWASP Zed Attack Proxy reports into SonarQube
  ☆67Updated 10 months ago
• aquasecurity / docker-bench
  Checks whether Docker is deployed according to security best practices as defined in the CIS Docker Benchmark
  ☆207Updated 5 months ago
• anchore / ci-tools
  Contains scripts for running anchore engine in CI pipelines
  ☆34Updated 2 years ago
• blackducksoftware / blackduck-docker-inspector
  ☆20Updated 2 years ago
• aquasecurity / vuln-list
  NVD, Ubuntu, Alpine
  ☆405Updated this week
• joelee2012 / claircli
  Command line tool to interact with Quay Clair
  ☆16Updated last year
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆40Updated 2 years ago
• jenkinsci / dependency-track-plugin
  Main repository for the official Dependency-Track Jenkins plugin
  ☆43Updated last week
• arminc / clair-local-scan
  Run CoreOs Clair standalone
  ☆254Updated 2 months ago
• CycloneDX / bom-examples
  A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
  ☆168Updated 3 months ago
• opensbom-generator / spdx-sbom-generator
  Support CI generation of SBOMs via golang tooling.
  ☆396Updated 8 months ago
• dev-sec / cis-docker-benchmark
  CIS Docker Benchmark - InSpec Profile
  ☆482Updated last year
• ossf / wg-security-tooling
  OpenSSF Security Tooling Working Group
  ☆297Updated 4 months ago
• aquasecurity / fanal
  Static Analysis Library for Containers
  ☆199Updated last year
• spdx / tools
  SPDX Tools
  ☆126Updated last year
• Skyscanner / sonar-secrets
  SonarQube plugin for identifying hardcoded secrets, such as passwords, API keys, AWS credentials, etc..
  ☆99Updated 9 months ago
• checkmarx-ltd / cx-flow
  Checkmarx Scan and Result Orchestration
  ☆88Updated this week