endorlabs / sbom-lab

Related projects ⓘ

Alternatives and complementary repositories for sbom-lab

• old-xebis / repository-template
  Highly automated, up-to-date, and well-documented repository template. Checks for common problems, Markdown, YAML, Bash, formats, lints, …
  ☆11Updated 10 months ago
• OperantAI / secops-chaos
  Security-focused Chaos Experiments for DevSecOps Teams
  ☆23Updated 4 months ago
• ComplianceAsCode / oscal
  OSCAL SSP content for technologies shipped by Red Hat
  ☆15Updated last year
• kondukto-io / semgrep-rules
  Custom semgrep rules registry
  ☆12Updated 2 years ago
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated last year
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆21Updated last year
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆17Updated last month
• swagitda / security-decision-trees-graphviz
  Decision trees generated via Graphviz to inform pragmatic threat modelling.
  ☆10Updated 3 years ago
• vwt-digital / sec-helpers
  Collection of dynamic security related helpers
  ☆15Updated last year
• OWASP / TimeGap-Theory
  An auto-scoring capture-the-flag game focusing on TOCTOU vulnerabilities
  ☆18Updated 4 years ago
• Prelude-SIEM / prelude-correlator
  The official Prelude-Correlator GitHub mirror of https://www.prelude-siem.org/projects/prelude-correlator/repository
  ☆10Updated 3 years ago
• ComplianceAsCode / auditree-plant
  The Auditree tool for adding external evidence.
  ☆10Updated last month
• ossf / project-template
  OpenSSF Project Template
  ☆17Updated 11 months ago
• zapbot / zap-mgmt-scripts
  ZAP Management Scripts
  ☆21Updated this week
• cisagov / pe-reports
  Automated process to build and distribute Posture & Exposure Reports' bi-weekly to customers.
  ☆17Updated 8 months ago
• freedomofpress / threat-modeling
  experimental threat modeling tools
  ☆14Updated 2 years ago
• appsecco / owasp-threat-dragon-gitlab
  OWASP Threat Dragon with Gitlab Integration
  ☆24Updated 7 years ago
• gjyoung1974 / policy-pipeline
  Policy Pipeline : place an SDLC around your compliance documentation with a pipeline that renders policy-as-code to human friendly format…
  ☆11Updated 4 years ago
• w8mej / PoorOperationalSecurityPractices
  Deceptive tradecraft should be fun and light, not stern and stressful. It is cool to be cute.
  ☆13Updated 11 months ago
• fabaff / fsl-test-bench
  FSL Test bench - Ansible playbook repository to setup a save environment for security auditing and testing. It can be used for teaching s…
  ☆28Updated 4 months ago
• ComplianceAsCode / auditree-harvest
  The Auditree data gathering and reporting tool.
  ☆13Updated 2 months ago
• ekeih / kube-shodan
  Register your Kubernetes IPs to monitor.shodan.io
  ☆18Updated 2 years ago
• GoogleCloudPlatform / assured-workloads-terraform
  ☆14Updated 3 months ago
• nccgroup / SFPolDevChk
  Salesforce Policy Deviation Checker
  ☆30Updated 4 years ago
• mitre / OpenHealthDashboard
  A dashboard framework for visualizing complex data sets on T1V multi-panel displays
  ☆19Updated last year
• sonatype-nexus-community / chelsea
  Dependency vulnerability auditor for Ruby
  ☆14Updated 2 months ago
• aquasecurity / saas-api-samples
  Sample code snippets for consuming the CloudSploit API
  ☆13Updated last year
• aquasecurity / windows-bench
  Checks whether a Windows server according to security best practices as defined in the CIS Distribution-Independent Windows Benchmark
  ☆16Updated 5 months ago
• crtsh / go-certlint
  Go wrapper for awslabs/certlint
  ☆24Updated 4 years ago