Alternatives and similar repositories for diggity:

Users that are interested in diggity are comparing it to the libraries listed below

• carbonetes / jacked
  Jacked provides organizations with a more comprehensive look at their application to take calculated actions and create a better security…
  ☆102Updated last month
• carbonetes / diggity-action
  A Github Action that utilizes Diggity to generate software bill-of-materials (SBOM).
  ☆14Updated 2 years ago
• jenkinsci / jacked-plugin
  ☆18Updated 8 months ago
• carbonetes / brainiac
  BrainIAC uses static code analysis to analyze IAC code to detect security issues before deployment. This tool can scan for issues like se…
  ☆70Updated 6 months ago
• 18F / fedramp-automation
  FedRAMP Automation
  ☆16Updated last year
• carbonetes / carbonetes-lens-extension
  ☆35Updated 2 years ago
• madpah / vexy
  Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents
  ☆20Updated 2 months ago
• IBM / sonar-cryptography
  This repository contains a SonarQube Plugin that detects cryptographic assets in source code and generates CBOM.
  ☆32Updated last week
• omnibor / site
  Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
  ☆21Updated 2 months ago
• defenseunicorns / go-oscal
  Repository for the generation of OSCAL data types
  ☆23Updated last week
• cds-snc / notification-terraform
  Terraform for notification.canada.ca
  ☆14Updated this week
• defenseunicorns / delivery-aws-iac
  ☆16Updated 3 weeks ago
• GovTechSG / tech-standards
  ☆16Updated 7 months ago
• infralicious / awesome-service-control-policies
  Awesome AWS service control policies (SCPs)
  ☆25Updated 2 months ago
• defenseunicorns / lula
  The Compliance Validator
  ☆170Updated last week
• DependencyTrack / hyades
  Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services.
  ☆70Updated this week
• anchore / grant
  Search an SBOM for licenses and the packages they belong to
  ☆83Updated this week
• usnistgov / blossom-case-study
  A case study for ACSAC 2022 utilizing OSCAL with a custom GitHub action to automate assessments.
  ☆24Updated 2 years ago
• kusaridev / skootrs
  A CLI tool for creating secure by design/default source repos.
  ☆25Updated 8 months ago
• aws-samples / bedrock-agents-for-eks
  ☆11Updated 4 months ago
• CycloneDX / cyclonedx-bom-repo-server
  A BOM repository server for distributing CycloneDX BOMs
  ☆77Updated last year
• devops-kung-fu / trustier
  Takes a software bill of materials and outputs provenance, and activity data from trustypkg.dev
  ☆11Updated 6 months ago
• guacsec / guac-visualizer
  Visualizer for GUAC
  ☆28Updated 3 weeks ago
• oscal-club / community
  The community area and documents about Code of Conduct.
  ☆18Updated 4 years ago
• in-toto / scai-demos
  Software Supply Chain Attribute Integrity (SCAI) Demos and CLI tools
  ☆18Updated 2 weeks ago
• RS-Credentive / oscal-pydantic
  ☆16Updated last year
• CycloneDX / transparency-exchange-api
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆75Updated 3 weeks ago
• IBM / CBOM
  Cryptography Bill of Materials
  ☆66Updated last month
• CERTCC / SBOM
  Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
  ☆57Updated last year
• checkmarx-ts / CxAnalytix
  Exports vulnerability scan data from the Checkmarx SAST platform for use in analytical tools.
  ☆19Updated 5 months ago