fortify / fcli
fcli is a command-line utility for interacting with various Fortify products
☆36 Updated this week
Alternatives and similar repositories for fcli:
Users that are interested in fcli are comparing it to the libraries listed below
- Software Component Verification Standard (SCVS) ☆140 Updated 10 months ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use … ☆62 Updated 8 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … ☆61 Updated 7 months ago
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities ☆101 Updated 4 months ago
- OWASP Foundation Web Repository ☆54 Updated last year
- Mixeway is a security orchestrator for vulnerability scanners which enables easy plug-in integration with CICD pipelines. MixewayHub project… ☆109 Updated 11 months ago
- Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services. ☆66 Updated this week
- VMC: a Scalable, Open Source and Free Vulnerability Management Platform ☆86 Updated 3 weeks ago
- Utility that provides an API platform for validating, querying and managing BOM data ☆102 Updated 3 months ago
- A BOM repository server for distributing CycloneDX BOMs ☆75 Updated 11 months ago
- The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code. ☆48 Updated last week
- Efficient DevSecOps ☆47 Updated 2 months ago
- ☆14 Updated last year
- boostsecurityio/poutine ☆252 Updated this week
- Measure release insights and recommendations for open-source dependencies. Note: this project is archived. ☆11 Updated 2 years ago
- A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials. ☆99 Updated 2 months ago
- Sunshine - SBOM visualization tool ☆38 Updated 3 weeks ago
- Utility that provides an API and CLI to identify licenses and legal terms ☆43 Updated 8 months ago
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities ☆542 Updated last week
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ☆130 Updated last year
- Tool for collecting vulnerability data from various sources (used to build the grype database) ☆83 Updated this week
- A utility to (re-)import findings and language data into DefectDojo ☆42 Updated 4 months ago
- A standard API specification for exchanging supply chain artifacts and intelligence ☆71 Updated last week
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system. ☆171 Updated 2 months ago
- CLI component of OWASP PurpleTeam ☆127 Updated last year
- A cli that can be used to query various online vulnerability sources such as the NVD or GHSA. The CLI and docker images can be used to mi… ☆136 Updated this week
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so… ☆49 Updated last week
- A VS Code Extension for Trivy ☆119 Updated this week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters. ☆79 Updated last month
- Sharing software supply chain security open source projects ☆44 Updated 2 years ago