madpah / vexy
Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents
☆19Updated last year
Related projects ⓘ
Alternatives and complementary repositories for vexy
- A standard API specification for exchanging supply chain artifacts and intelligence☆59Updated this week
- SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom.☆57Updated 3 weeks ago
- Check SPDX SBOM for NTIA minimum elements☆53Updated last week
- Utility that provides an API platform for validating, querying and managing BOM data☆95Updated this week
- Python implementation of OWASP CycloneDX☆70Updated this week
- The model for the information captured in SPDX version 3 standard.☆71Updated this week
- Measure release insights and recommendations for open-source dependencies. Note: this project is archived.☆11Updated last year
- A BOM repository server for distributing CycloneDX BOMs☆74Updated 8 months ago
- SBOM quality score - Quality metrics for your sboms☆186Updated this week
- PURL to CPE Relationship mapping project.☆78Updated this week
- Find & pull public SBOMs☆16Updated 2 months ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆72Updated last month
- Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services.☆61Updated this week
- Generate a score for your sbom to understand if it will actually be useful.☆221Updated 3 months ago
- Utility that converts SBOM documents from CycloneDX to SPDX☆29Updated 10 months ago
- Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data☆57Updated 7 months ago
- Utility that provides an API and CLI to identify licenses and legal terms☆42Updated 5 months ago
- A place to systematically store software bill of materials (SBOM) documents.☆44Updated last year
- Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs…☆32Updated last month
- OPENSSF SECURITY INSIGHTS: Repository for development of the draft standard, where requests for modification should be made via Github Is…☆50Updated 2 months ago
- Format agnostic SBOM tooling☆80Updated this week
- ☆101Updated last month
- Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions☆39Updated 6 months ago
- Enrich SBOMs with data from third party services☆117Updated 2 weeks ago
- Low-effort reachability analysis for third-party code vulnerabilities.☆19Updated last year
- Software Component Verification Standard (SCVS)☆135Updated 7 months ago
- Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…☆71Updated 3 weeks ago
- SPDX Merge tool☆39Updated 2 months ago
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆61Updated last year
- Repository for on-going work as part of the AIBOM Tiger Team effort.☆17Updated 2 months ago