microsoft/scim

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/microsoft/scim)

microsoft / scim

Supply Chain Integrity Model

☆106

Alternatives and similar repositories for scim

Users that are interested in scim are comparing it to the libraries listed below

Sorting:

philips-labs / fatt
View on GitHub
fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…
☆11Jan 26, 2026Updated last month
in-toto / in-toto-golang
View on GitHub
A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
☆145Feb 13, 2026Updated 2 weeks ago
mlieberman85 / scq
View on GitHub
Supply Chain Query Tool
☆13May 25, 2022Updated 3 years ago
awsctrl / manager
View on GitHub
Production grade Kubernetes controller for managing AWS Services using CRDs
☆16Apr 8, 2020Updated 5 years ago
mathieu-benoit / istio-gatekeeper-demos
View on GitHub
Demos and resources of the Istio + Gatekeeper talks at IstioCon 2022 and GitOpsCon 2022
☆14Sep 4, 2023Updated 2 years ago
ckotzbauer / vulnerability-operator
View on GitHub
Scans SBOMs for vulnerabilities with Grype
☆85Feb 21, 2026Updated last week
deislabs / image-layer-provenance
View on GitHub
Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.
☆45Oct 30, 2023Updated 2 years ago
omnibor / site
View on GitHub
Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
☆21Jan 27, 2025Updated last year
sigstore / community
View on GitHub
General sigstore community repo
☆44Updated this week
kusaridev / spector
View on GitHub
Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks
☆33Apr 22, 2025Updated 10 months ago
chughes757 / SecureSoftwareSupplyChain
View on GitHub
This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.
☆139Jul 12, 2022Updated 3 years ago
ossf / security-reviews
View on GitHub
A community collection of security reviews of open source software components.
☆97Feb 29, 2024Updated 2 years ago
instrumenta / conftest-action
View on GitHub
A GitHub Action for using Conftest
☆33Nov 29, 2021Updated 4 years ago
SummitRoute / isolated_network_experiment
View on GitHub
CDK app to setup an isolated AWS network to experiment with ways of exfiltrating data
☆18Nov 18, 2021Updated 4 years ago
in-toto / supply-chain-compromises
View on GitHub
☆22Nov 27, 2021Updated 4 years ago
csaf-tools / CVRF-CSAF-Converter
View on GitHub
A CVRF CSAF Converter, taking care about OASIS specification.
☆10Jun 4, 2025Updated 8 months ago
sozercan / guac-ai-mole
View on GitHub
🥑 Inspect and understand an organization's software supply chain using AI to enable stakeholders to make actionable decisions about soft…
☆22Apr 15, 2024Updated last year
sigstore / sget
View on GitHub
☆23Mar 13, 2023Updated 2 years ago
appsecpipeline / gasp-docker
View on GitHub
Simple implementation of an AppSec Pipeline using the Gasp library
☆13Sep 8, 2019Updated 6 years ago
in-toto / in-toto-java
View on GitHub
A Java implementation of in-toto runlib
☆11Jul 23, 2024Updated last year
nirmata / kyverno-notation-aws
View on GitHub
Kyverno extension service for Notation and the AWS signer
☆15Updated this week
nyph-infosec / daggerboard
View on GitHub
☆102Sep 27, 2024Updated last year
SBOMit / specification
View on GitHub
☆76Dec 10, 2025Updated 2 months ago
chris-short / chkcerts
View on GitHub
A Go program to display certificate chains simply and quickly with an easy to remember syntax
☆28Oct 28, 2024Updated last year
oasis-tcs / csaf
View on GitHub
OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…
☆210Updated this week
appvia / cosign-keyless-admission-webhook
View on GitHub
Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
☆24Feb 19, 2026Updated last week
sbomtools / apt2sbom
View on GitHub
apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information
☆25Feb 4, 2022Updated 4 years ago
wlynch / smimecosign
View on GitHub
Keyless Git signing with cosign!
☆11May 12, 2022Updated 3 years ago
xorrior / apfell-chrome-ext-payload
View on GitHub
Apfell POC Chrome Extension Payload
☆10Jun 24, 2020Updated 5 years ago
anandp219 / gotility
View on GitHub
A utility library for go
☆13Oct 26, 2017Updated 8 years ago
open-policy-agent / gatekeeper-external-data-provider
View on GitHub
A template repository for building external data providers for Gatekeeper.
☆12Aug 14, 2023Updated 2 years ago
lukehinds / policy-controller-demo
View on GitHub
demo of keyless signing with the sigstore kubernetes policy controller
☆11Sep 7, 2022Updated 3 years ago
mattmoor / zero-friction-actions
View on GitHub
An example repo demonstrating keyless signing with Github Actions
☆11May 24, 2022Updated 3 years ago
testifysec / solarsploit
View on GitHub
Red team tool that emulates the SolarWinds CI compromise attack vector.
☆24Mar 15, 2024Updated last year
CommunitySpecification / Community_Specification
View on GitHub
Community Specification 1.0
☆73Updated this week
transparencylog / tl
View on GitHub
verify https assets with a public transparency log
☆75Oct 28, 2021Updated 4 years ago
chainguard-dev / vex
View on GitHub
vexctl is a tool to attest VEX impact statements
☆45Mar 27, 2023Updated 2 years ago
microsoft / oss-ssc-framework
View on GitHub
Open Source Software Secure Supply Chain Framework
☆239Oct 28, 2022Updated 3 years ago
omnibor / omnibor-rs
View on GitHub
Rust implementation of OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
☆28Jul 29, 2025Updated 6 months ago