Alternatives and similar repositories for sbom-lab

Users that are interested in sbom-lab are comparing it to the libraries listed below

• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated last month
• ShiftLeftSecurity / scan-docs
  ☆28Updated 2 years ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆65Updated 3 weeks ago
• hp271 / awesome-dev-first-security
  A curated collection of tools and resources for building security with a developer first approach.
  ☆28Updated 2 years ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆46Updated 2 years ago
• scanoss / sbom-workbench
  The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.
  ☆56Updated this week
• meta-fun / awesome-software-supply-chain-security
  Sharing software supply chain security open source projects
  ☆50Updated 2 years ago
• iriusrisk / startleft
  StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…
  ☆51Updated last week
• Prelude-SIEM / prelude-correlator
  The official Prelude-Correlator GitHub mirror of https://www.prelude-siem.org/projects/prelude-correlator/repository
  ☆10Updated 4 years ago
• Vulnetix / vulnetix
  Automate vulnerability triage which prioritizes remediation over discovery
  ☆19Updated last week
• eBay / DASTProxy
  ☆58Updated 6 months ago
• OSSIndex / vulns
  Report missing advisories and corrections on OSS Index
  ☆17Updated 2 years ago
• interlynk-io / sbomgr
  SBOM Search - Context aware search in SBOM repositories
  ☆28Updated last week
• stevespringett / owasp-risk-rating-calculator
  A Java library for programmatically calculating OWASP Risk Rating scores
  ☆18Updated 2 years ago
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆51Updated last year
• franksec42 / Vulnerability-management-maturity
  Maturity Model Collaborative project
  ☆15Updated 2 years ago
• anchore / grype-db
  ☆50Updated this week
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆95Updated last year
• cairis-platform / cairis
  Computer Aided Integration of Requirements and Information Security - Server
  ☆164Updated 10 months ago
• appsecco / owasp-threat-dragon-gitlab
  OWASP Threat Dragon with Gitlab Integration
  ☆27Updated 7 years ago
• OWASP / Cloud-Native-Application-Security-Top-10
  ☆20Updated 6 years ago
• OWASP / packman
  A documentation and tracking project with the goal of making package management systems more secure.
  ☆50Updated 4 years ago
• ozontech / dtrack-audit
  OWASP Dependency Track API client for intergration into CI/CD pipeline
  ☆54Updated 11 months ago
• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆41Updated this week
• dowjones / reapsaw
  Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple …
  ☆41Updated 4 years ago
• Threagile / run-threagile-action
  GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file
  ☆13Updated last year
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆59Updated last month
• fabric8-analytics / cvedb
  CVE database
  ☆21Updated 4 years ago
• swagitda / security-decision-trees-graphviz
  Decision trees generated via Graphviz to inform pragmatic threat modelling.
  ☆11Updated 4 years ago
• OtherDevOpsGene / zap-sonar-plugin
  Integrates OWASP Zed Attack Proxy reports into SonarQube
  ☆70Updated last year