in-toto / supply-chain-compromisesLinks
☆22Updated 3 years ago
Alternatives and similar repositories for supply-chain-compromises
Users that are interested in supply-chain-compromises are comparing it to the libraries listed below
Sorting:
- A dataset of software supply chain compromises. Please help us maintain it!☆130Updated 3 years ago
- Feed parsing for language package manager updates☆79Updated 10 months ago
- ☆93Updated 3 years ago
- A community collection of security reviews of open source software components.☆95Updated last year
- Going Florida on container keyring masks. A tool to demonstrate the ineffectivity containers have on isolating Linux Kernel keyrings.☆44Updated last week
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆79Updated last month
- Provide a shell like interface by utilizing osquery's distributed API☆81Updated 5 years ago
- Stakeholder-Specific Vulnerability Categorization☆166Updated last week
- Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container☆105Updated 6 years ago
- CVE.ICU code.☆47Updated this week
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…☆201Updated 3 weeks ago
- Scans every git push to your Github organisations to find unwanted secrets.☆87Updated 5 months ago
- App that simplifies building decision trees to model adverse scenarios☆218Updated last year
- Global Security Database Tools☆43Updated last year
- Security scanning & static analysis tool☆94Updated last year
- Technical Advisory Council☆131Updated last week
- egrets monitors egress☆46Updated 5 years ago
- ☆99Updated last month
- A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…☆372Updated this week
- ☆48Updated this week
- This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.☆139Updated 3 years ago
- Automated testing, generation & manipulation of #osquery packs☆73Updated last year
- CVSS2/3/4 library with interactive calculator for Python 2 and Python 3☆108Updated 2 months ago
- GCP CSPM using Google Sheets☆37Updated 6 months ago
- A place to systematically store software bill of materials (SBOM) documents.☆47Updated 2 years ago
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆102Updated this week
- ☆28Updated 5 years ago
- VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…☆81Updated 3 weeks ago
- K8s API Honeypot with Active Defense Capabilities☆42Updated last year
- ☆68Updated 3 months ago