Alternatives and similar repositories for sbom-lab

Users that are interested in sbom-lab are comparing it to the libraries listed below

• fabric8-analytics / cvedb
  CVE database
  ☆22Updated 4 years ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆46Updated 2 years ago
• interlynk-io / sbomgr
  SBOM Search - Context aware search in SBOM repositories
  ☆26Updated 2 weeks ago
• zapbot / zap-mgmt-scripts
  ZAP Management Scripts
  ☆23Updated 2 weeks ago
• Checkmarx / chainjacking
  Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks
  ☆58Updated 3 years ago
• meta-fun / awesome-software-supply-chain-security
  Sharing software supply chain security open source projects
  ☆50Updated 2 years ago
• ptdropper / CVE-Scanner-for-your-SW-BOM
  CVE Vulnerability scanner of your software bill of materials (SBOM). ASCII text input.
  ☆17Updated 4 years ago
• scanoss / sbom-workbench
  The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.
  ☆53Updated last week
• hmrc / security-git-hooks
  ☆19Updated last year
• anchore / grype-db
  ☆50Updated this week
• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆41Updated this week
• usnistgov / swid-tools
  ☆13Updated this week
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆96Updated 2 weeks ago
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• ShiftLeftSecurity / scan-docs
  ☆28Updated 2 years ago
• tacosframework / TACOS-spec
  TACOS framework structural details
  ☆20Updated 3 weeks ago
• franksec42 / Vulnerability-management-maturity
  Maturity Model Collaborative project
  ☆15Updated 2 years ago
• aquasecurity / saas-api-samples
  Sample code snippets for consuming the CloudSploit API
  ☆13Updated last year
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆94Updated last year
• OWASP / www-project-dependency-track
  OWASP Foundation Web Respository
  ☆21Updated last year
• interlynk-io / sbomex
  SBOM Explorer - Discover and pull public SBOMs
  ☆18Updated 2 weeks ago
• projectdiscovery / notify-action
  Notify is a helper utility written in Go that allows you to post output to multiple platforms.
  ☆15Updated 3 years ago
• uchi-mata / dostainer
  ☆29Updated 4 months ago
• Threagile / run-threagile-action
  GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file
  ☆13Updated last year
• ossf / project-template
  OpenSSF Project Template
  ☆18Updated last year
• Srendi / Better-AWS-SCAN
  ☆11Updated 8 years ago
• kaakaww / vuln-graphql-api
  A very vulnerable implementation of a GraphQL API.
  ☆16Updated last month
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆21Updated 2 years ago
• raesene / eathar
  ☆27Updated 3 weeks ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆65Updated 11 months ago