carbonetes / diggity

Related projects ⓘ

Alternatives and complementary repositories for diggity

• carbonetes / diggity-action
  A Github Action that utilizes Diggity to generate software bill-of-materials (SBOM).
  ☆14Updated last year
• carbonetes / jacked
  Jacked provides organizations with a more comprehensive look at their application to take calculated actions and create a better security…
  ☆100Updated 2 months ago
• jenkinsci / jacked-plugin
  ☆18Updated 3 months ago
• carbonetes / brainiac
  BrainIAC uses static code analysis to analyze IAC code to detect security issues before deployment. This tool can scan for issues like se…
  ☆68Updated 2 months ago
• carbonetes / carbonetes-lens-extension
  ☆34Updated last year
• OWASP / www-project-wrongsecrets
  OWASP Foundation Web Respository
  ☆16Updated 3 weeks ago
• oscal-compass / compliance-trestle-agile-authoring
  Agile authoring tutorial and repo set-up tooling
  ☆18Updated 2 months ago
• manifest-cyber / aibom
  A community wiki for all things AI/ML bill of materials (MLBOM, AIBOM) and transparency into AI/ML models.
  ☆33Updated 2 weeks ago
• CycloneDX / sbom-utility
  Utility that provides an API platform for validating, querying and managing BOM data
  ☆95Updated this week
• CMS-Enterprise / sbom-harbor
  Repository for the SBOM Harbor.
  ☆17Updated last year
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆130Updated this week
• FATHOM5CORP / oscal
  NIST SP 800-171 OSCAL Content
  ☆13Updated 2 years ago
• CycloneDX / sbom-comparator
  Lockheed Martin developed utility to compare two CycloneDX SBOMs
  ☆18Updated 3 years ago
• cybeats / sbomgen
  List of SBOM Generation Tools
  ☆20Updated last week
• vmware-samples / sbom-composer
  A tool that takes two or more micro SBOMs and composes them into one distributable SBOM
  ☆23Updated last year
• IBM / gauge
  Measure release insights and recommendations for open-source dependencies. Note: this project is archived.
  ☆11Updated last year
• openvex / go-vex
  Go module to generate and transform VEX documents
  ☆34Updated 3 weeks ago
• opossum-tool / OpossumUI
  A light-weight app to audit and inventory large codebases for open source license compliance.
  ☆60Updated this week
• jeremylong / Open-Vulnerability-Project
  Java libraries for working with available vulnerability data sources (GitHub Security Advisories, NVD, EPSS, CISA Known Exploited Vulnera…
  ☆124Updated this week
• FIRSTdotorg / epss
  Exploit Prediction Scoring System (EPSS)
  ☆23Updated 2 years ago
• jgamblin / CVElk
  Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data
  ☆47Updated 4 months ago
• chaoss / augur-community-reports
  A set of Jupyter Lab Notebooks and Other Implementations of Community Reports in Standard Form
  ☆15Updated 7 months ago
• gatecheckdev / gatecheck
  Gatecheck CI/CD Validation Tool
  ☆14Updated 5 months ago
• nscuro / dtapac
  Audit Dependency-Track findings and policy violations via policy as code
  ☆32Updated this week
• opencybersecurityalliance / PACE
  Posture Attribute Collection and Evaluation
  ☆23Updated last year
• opensbom-generator / spdx-sbom-generator
  Support CI generation of SBOMs via golang tooling.
  ☆408Updated 10 months ago
• skyflowapi / skyflow-go
  Skyflow SDK for the Go programming language.
  ☆11Updated this week
• cncf / public-sector-user-group
  🏛️ 🗣️ ☁️ CNCF User Group focused on advancing cloud computing in the public sector
  ☆21Updated last month
• ossf / toolbelt
  ☆18Updated 5 months ago
• debricked / cli
  Debricked's command line interface. It brings open source security, compliance and health to your project via the command prompt.
  ☆20Updated this week