mercedes-benz / sechubLinks
SecHub provides a central API to test software with different security tools.
☆344Updated this week
Alternatives and similar repositories for sechub
Users that are interested in sechub are comparing it to the libraries listed below
Sorting:
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆578Updated 5 months ago
- CI/CD Security Analyzer☆668Updated 6 months ago
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆815Updated 5 months ago
- A cli that can be used to query various online vulnerability sources such as the NVD or GHSA. The CLI and docker images can be used to mi…☆147Updated last week
- ☆118Updated 4 months ago
- SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor…☆157Updated this week
- OWASP Foundation Web Respository☆97Updated 7 months ago
- Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git☆107Updated this week
- Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini☆174Updated 4 months ago
- boostsecurityio/poutine☆309Updated last week
- Software Component Verification Standard (SCVS)☆149Updated 4 months ago
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…☆767Updated this week
- Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …☆167Updated this week
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆227Updated this week
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆200Updated 4 months ago
- CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.☆396Updated last week
- Utility that provides an API platform for validating, querying and managing BOM data☆118Updated last week
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …☆1,158Updated 2 weeks ago
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment☆479Updated 2 months ago
- Enrich SBOMs with data from third party services☆189Updated this week
- Generate a score for your sbom to understand if it will actually be useful.☆233Updated last year
- Software Supply Chain Security Platform☆347Updated this week
- A comprehensive list of software composition analysis tools.☆154Updated last year
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…☆418Updated this week
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.☆287Updated 11 months ago
- ☆83Updated 7 months ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆70Updated last year
- A full insecure kubernetes application for testing security tools☆89Updated 4 months ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆536Updated 6 months ago
- Tool to detect secrets in source code management systems.☆160Updated 2 months ago