duo-labs / sharedsignalsLinks
Python tools for using OpenID's Shared Signals Framework (including CAEP)
☆18Updated 5 months ago
Alternatives and similar repositories for sharedsignals
Users that are interested in sharedsignals are comparing it to the libraries listed below
Sorting:
- OpenID Shared Signals and Events (SSE) / Continuous Access Evaluation Protocol (CAEP) / Risk Incident Sharing and Coordination (RISC) JSO…☆13Updated last year
- Proposed standard for an Authorization API☆85Updated last week
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆32Updated 4 months ago
- ☆65Updated last year
- A specification for signing methods and formats used by Secure Systems Lab projects.☆83Updated 11 months ago
- Software Supply Chain Attribute Integrity (SCAI) Demos and CLI tools☆18Updated last week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆100Updated 3 weeks ago
- Umbrella Repository Service for TUF☆54Updated this week
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Updated 7 months ago
- The Great Multi-Factor Authentication (MFA) Distribution Project of the Open Source Security Foundation (OpenSSF). We work to distribute …☆54Updated 3 years ago
- TUF repository for Sigstore trust root☆107Updated last week
- A TUF repository and signing tool☆39Updated last week
- vexctl is a tool to attest VEX impact statements☆45Updated 2 years ago
- Open Source Software Secure Supply Chain Framework☆236Updated 2 years ago
- The Auditree common fetchers, checks and harvest reports library.☆20Updated last year
- Supply Chain Integrity Transparency and Trust ledger application using Confidential Consortium Framework (CCF)☆38Updated last week
- Open Policy Agent extension for Authzed SpiceDB☆21Updated 10 months ago
- A BOM repository server for distributing CycloneDX BOMs☆77Updated last month
- Digital Credentials API☆132Updated last week
- in-toto is a framework to secure the software supply chain.☆70Updated 7 months ago
- A functional type system for policy inspection, audit and enforcement.☆13Updated 2 years ago
- This tool allows using a SPIFFE JWT to authenticate to AWS APIs☆34Updated last month
- ☆101Updated 11 months ago
- ☆16Updated 2 weeks ago
- OpenID Shared Signals Working Group Repository☆65Updated 3 weeks ago
- Curated list of SPIFFE and SPIRE resources☆58Updated 3 years ago
- Everything you ever wanted to know about the CRA and its implementation☆123Updated 2 weeks ago
- OpenVEX Specification☆156Updated 2 months ago
- Report on quality of SBOM contents☆19Updated 8 months ago
- sbomasm: The Complete SBOM Management Toolkit☆75Updated this week