google / osv-scalibrLinks
OSV-SCALIBR: A library for Software Composition Analysis
☆398Updated this week
Alternatives and similar repositories for osv-scalibr
Users that are interested in osv-scalibr are comparing it to the libraries listed below
Sorting:
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆322Updated this week
- Open Source Vulnerability schema.☆205Updated this week
- Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system…☆339Updated last month
- OpenVEX Specification☆155Updated 2 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆135Updated last year
- boostsecurityio/poutine☆308Updated this week
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this …☆116Updated 2 months ago
- Enrich SBOMs with data from third party services☆181Updated 2 weeks ago
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI.☆493Updated 8 months ago
- A universal SBOM representation in protocol buffers☆296Updated 2 weeks ago
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆574Updated 4 months ago
- Format agnostic SBOM tooling☆112Updated last week
- Resources for the deps.dev API☆330Updated last week
- Generate a score for your sbom to understand if it will actually be useful.☆230Updated 11 months ago
- ☆99Updated this week
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆101Updated this week
- PURL to CPE Relationship mapping project.☆91Updated this week
- A tool to create, transform and attest VEX metadata☆149Updated this week
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆122Updated this week
- Utility that provides an API platform for validating, querying and managing BOM data☆117Updated this week
- Semgrep queries developed by Trail of Bits.☆419Updated 2 weeks ago
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…☆194Updated this week
- A standard API specification for exchanging supply chain artifacts and intelligence☆83Updated last month
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆214Updated this week
- ☆79Updated 6 months ago
- Runtime Security Solution for your CI/CD Pipeline☆108Updated last month
- A compilation of resources in the software supply chain security domain, with emphasis on open source☆325Updated 2 years ago
- SBOM Assess - Evaluate SBOM quality and compliance☆221Updated this week
- Protect against malicious open source packages 🤖☆627Updated this week
- Software Supply Chain Security Platform☆344Updated this week