cloud-native-security-controls / controls-catalogLinks
☆16Updated last year
Alternatives and similar repositories for controls-catalog
Users that are interested in controls-catalog are comparing it to the libraries listed below
Sorting:
- Visualizer for GUAC☆28Updated last week
- A standard API specification for exchanging supply chain artifacts and intelligence☆79Updated this week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆97Updated last week
- Scan GitHub Actions Workflow logs for IOCs☆15Updated last week
- ☆62Updated 10 months ago
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- ☆100Updated 8 months ago
- OpenVEX Specification☆150Updated 2 months ago
- A tool to create, transform and attest VEX metadata☆137Updated last week
- Generate a score for your sbom to understand if it will actually be useful.☆229Updated 9 months ago
- Enrich SBOMs with data from third party services☆173Updated last month
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Updated 2 years ago
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆21Updated 2 years ago
- A place for the InfoSec community to share and celebrate real stories of organizations successfully using SBOMs (and other bills of mater…☆42Updated last year
- A CLI tool for creating secure by design/default source repos.☆25Updated 10 months ago
- Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security☆79Updated 7 months ago
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆94Updated last week
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…☆32Updated 2 years ago
- Machine-readable specification for the attestation of security-relevant data.☆59Updated 3 weeks ago
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆50Updated this week
- ☆236Updated last week
- ORBIT: Open Resources for Baselines, Interoperability, and Tooling☆12Updated last week
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆172Updated 6 months ago
- A tool to check the security settings of Github Organizations.☆71Updated last year
- Check SPDX SBOM for NTIA minimum elements☆62Updated last month
- A repository containing OSCAL serializations of the CIS Critical Security Controls☆51Updated 2 months ago
- SBOM Edit - Conditional edits and merging of SBOMs☆69Updated this week
- Technical Advisory Council☆124Updated this week
- Scripts to import OSCAL example content into the Neo4J graph database☆28Updated 2 years ago
- Various deployments of the OSCAL editor☆46Updated 10 months ago