☆147Mar 19, 2026Updated this week
Alternatives and similar repositories for security-baseline
Users that are interested in security-baseline are comparing it to the libraries listed below
Sorting:
- ORBIT: Open Resources for Baselines, Interoperability, and Tooling☆21Feb 28, 2026Updated 3 weeks ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆44Feb 28, 2026Updated 3 weeks ago
- Format agnostic SBOM tooling☆133Nov 20, 2025Updated 4 months ago
- Privateer is a plugin-based framework for security & compliance evaluations.☆18Updated this week
- Global Cyber Policy Working Group☆109Mar 11, 2026Updated last week
- Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security☆156Dec 19, 2025Updated 3 months ago
- Vuln Disclosure WG's new SIG☆11Jan 2, 2024Updated 2 years ago
- Minimizing rework for governance activities.☆46Updated this week
- A TUF repository and signing tool☆43Updated this week
- Machine-readable specification for the attestation of security-relevant data.☆73Feb 24, 2026Updated 3 weeks ago
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…☆227May 26, 2025Updated 9 months ago
- Log monitor for Rekor to verify immutability and monitor entries☆48Updated this week
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages☆218Mar 13, 2026Updated last week
- sbomasm: The Complete SBOM Management Toolkit☆106Updated this week
- ☆20Jul 16, 2025Updated 8 months ago
- Technical Advisory Council☆136Mar 4, 2026Updated 2 weeks ago
- SBOM Search - Context aware search in SBOM repositories☆30Nov 24, 2025Updated 3 months ago
- A Python client for the Global CVE Allocation System.☆17Jan 31, 2026Updated last month
- Source for official CVE Program policy documents.☆18Jan 28, 2026Updated last month
- A Yocto meta-layer for generating CycloneDX SBOMs☆23Mar 13, 2026Updated last week
- ☆16Updated this week
- A standard API specification for exchanging supply chain artifacts and intelligence☆103Mar 13, 2026Updated last week
- A Python library to parse, validate and create SPDX documents.☆240Mar 13, 2026Updated last week
- FINOS Common Cloud Controls☆78Updated this week
- Website and API for OpenSSF Scorecard☆28Updated this week
- A library to convert between Sigstore Bundles and PEP 740 Attestation objects☆14Updated this week
- ☆57Mar 2, 2026Updated 2 weeks ago
- OpenSSF Working Group on Securing Software Repositories☆128Dec 18, 2025Updated 3 months ago
- Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.☆116Updated this week
- Generate a score for your sbom to understand if it will actually be useful.☆239Aug 13, 2024Updated last year
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…☆999Updated this week
- Cause sometimes you just need to dance ...☆10Oct 21, 2019Updated 6 years ago
- The model for the information captured in SPDX version 3 standard.☆99Mar 14, 2026Updated last week
- Perform code analysis to detect potentially dangerous vulnerabilities☆13Apr 16, 2024Updated last year
- A self assessment tool to help understand your level in the SANS Vulnerability Management Maturity Model (VMMM).☆53Nov 24, 2025Updated 3 months ago
- DevOps Playground for karma mocha chai sinon istanbul codecov☆14May 23, 2020Updated 5 years ago
- Red team oriented key finder and correlator☆21Nov 21, 2025Updated 4 months ago
- SBOM Vulnerability Scanning & Assessment tool☆55Mar 13, 2026Updated last week
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,454Updated this week