☆141Updated this week
Alternatives and similar repositories for security-baseline
Users that are interested in security-baseline are comparing it to the libraries listed below
Sorting:
- Privateer plugin for scanning the security hygiene of a GitHub repository.☆20Updated this week
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆42Updated this week
- Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.☆81Feb 20, 2026Updated last week
- Format agnostic SBOM tooling☆132Nov 20, 2025Updated 3 months ago
- Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security☆149Dec 19, 2025Updated 2 months ago
- ORBIT: Open Resources for Baselines, Interoperability, and Tooling☆21Updated this week
- sbomasm: The Complete SBOM Management Toolkit☆105Updated this week
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…☆227May 26, 2025Updated 9 months ago
- A TUF repository and signing tool☆43Updated this week
- ☆49Updated this week
- Machine-readable specification for the attestation of security-relevant data.☆72Updated this week
- A Yocto meta-layer for generating CycloneDX SBOMs☆23Updated this week
- SBOM Vulnerability Scanning & Assessment tool☆54Updated this week
- ☆16Updated this week
- Run multiple-node, decentralized k3s clusters on Github action runners for test and development!☆11Nov 20, 2021Updated 4 years ago
- Generate JSON Schema from various sources (terraform, helm)☆11Sep 4, 2025Updated 5 months ago
- Vuln Disclosure WG's new SIG☆11Jan 2, 2024Updated 2 years ago
- SBOM Search - Context aware search in SBOM repositories☆29Nov 24, 2025Updated 3 months ago
- Technical Advisory Council☆135Feb 17, 2026Updated last week
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages☆215Feb 23, 2026Updated last week
- Tool for visualizing the Open SSF Scorecard Api data in a human friendly way☆19Nov 27, 2025Updated 3 months ago
- Repository containing a set of policies for aws resources created with terraform☆12Sep 16, 2019Updated 6 years ago
- The model for the information captured in SPDX version 3 standard.☆98Updated this week
- FINOS Common Cloud Controls☆77Updated this week
- Scan your account for the use of untrusted AMIs☆31Feb 13, 2026Updated 2 weeks ago
- This repository contains the reference material related to the OpenChain Project☆105Dec 15, 2025Updated 2 months ago
- A standard API specification for exchanging supply chain artifacts and intelligence☆100Feb 20, 2026Updated last week
- TACOS framework structural details☆20May 12, 2025Updated 9 months ago
- Generate a score for your sbom to understand if it will actually be useful.☆238Aug 13, 2024Updated last year
- A Java library for programmatically calculating OWASP Risk Rating scores☆19Apr 3, 2023Updated 2 years ago
- CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools☆16Updated this week
- Software Supply Chain Security Platform☆375Feb 23, 2026Updated last week
- Log monitor for Rekor to verify immutability and monitor entries☆47Updated this week
- OWASP Foundation Web Respository☆17Jun 1, 2022Updated 3 years ago
- The Covert Channel Educational Analysis Protocol (CCEAP) is a network protocol designed for teaching covert channels to professionals and�…☆15Apr 17, 2025Updated 10 months ago
- A Python library to parse, validate and create SPDX documents.☆238Jan 16, 2026Updated last month
- OpenSSF Working Group on Securing Software Repositories☆128Dec 18, 2025Updated 2 months ago
- Operator providing Kubernetes cluster compliance checks☆52Updated this week
- Analyzes software dependencies across GitHub repositories to identify security vulnerabilities and health risks in your supply chain.☆120Dec 9, 2025Updated 2 months ago