ossf/security-insights external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ossf/security-insights

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ossf/security-insights)

Close

ossf / security-insightsView on GitHubMore

• External links
• Readme badge

Machine-readable specification for the attestation of security-relevant data.

☆75Apr 17, 2026Updated 2 weeks ago

Alternatives and similar repositories for security-insights

Users that are interested in security-insights are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• privateerproj / privateer

  View on GitHub
  Privateer is a plugin-based framework for security & compliance evaluations.
  ☆20Updated this week
• kusaridev / skootrs

  View on GitHub
  A CLI tool for creating secure by design/default source repos.
  ☆28Jul 29, 2024Updated last year
• ossf / scorecard-monitor

  View on GitHub
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆48Apr 25, 2026Updated last week
• ossf / wg-orbit

  View on GitHub
  ORBIT: Open Resources for Baselines, Interoperability, and Tooling
  ☆24Mar 19, 2026Updated last month
• AevaOnline / supply-chain-synthesis

  View on GitHub
  Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.
  ☆33Apr 4, 2023Updated 3 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• SBOMit / specification

  View on GitHub
  ☆81Dec 10, 2025Updated 4 months ago
• mlieberman85 / scq

  View on GitHub
  Supply Chain Query Tool
  ☆13May 25, 2022Updated 3 years ago
• ossf / pvtr-github-repo-scanner

  View on GitHub
  Privateer plugin for scanning the security hygiene of a GitHub repository.
  ☆23Updated this week
• ossf / tac

  View on GitHub
  Technical Advisory Council
  ☆141Apr 14, 2026Updated 2 weeks ago
• ossf / sbom-everywhere

  View on GitHub
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆113Feb 28, 2026Updated 2 months ago
• CycloneDX / transparency-exchange-api

  View on GitHub
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆106Mar 25, 2026Updated last month
• ossf / ai-ml-security

  View on GitHub
  Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security
  ☆166Dec 19, 2025Updated 4 months ago
• github-community-projects / ospo-reusable-workflows

  View on GitHub
  Centralized Reusable GitHub Actions
  ☆20Apr 21, 2026Updated last week
• seedwing-io / seedwing-policy

  View on GitHub
  A functional type system for policy inspection, audit and enforcement.
  ☆14Aug 17, 2023Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• nyph-infosec / daggerboard

  View on GitHub
  ☆102Sep 27, 2024Updated last year
• gemaraproj / gemara

  View on GitHub
  Minimizing rework for governance activities.
  ☆50Apr 21, 2026Updated last week
• spdx / ntia-conformance-checker

  View on GitHub
  Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.
  ☆86Apr 20, 2026Updated last week
• anchore / nvd-data-overrides

  View on GitHub
  ☆50Apr 24, 2026Updated last week
• ossf / security-reviews

  View on GitHub
  A community collection of security reviews of open source software components.
  ☆99Feb 29, 2024Updated 2 years ago
• ossf / security-baseline

  View on GitHub
  ☆153Updated this week
• ossf / wg-best-practices-os-developers

  View on GitHub
  The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…
  ☆1,011Apr 24, 2026Updated last week
• bomctl / bomctl

  View on GitHub
  Format agnostic SBOM tooling
  ☆137Nov 20, 2025Updated 5 months ago
• mlieberman85 / supply-chain-examples

  View on GitHub
  ☆23Oct 26, 2021Updated 4 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• scanoss / purl2cpe

  View on GitHub
  PURL to CPE Relationship mapping project.
  ☆115Updated this week
• openvex / spec

  View on GitHub
  OpenVEX Specification
  ☆173Jan 16, 2026Updated 3 months ago
• mitre / hipcheck

  View on GitHub
  Automatically assess and score software repositories for supply chain risk.
  ☆124Apr 23, 2026Updated last week
• in-toto / archivista

  View on GitHub
  Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…
  ☆109Updated this week
• interlynk-io / sbomgr

  View on GitHub
  SBOM Search - Context aware search in SBOM repositories
  ☆32Nov 24, 2025Updated 5 months ago
• chainguard-sandbox / bom-shelter

  View on GitHub
  A place to systematically store software bill of materials (SBOM) documents.
  ☆50Jun 1, 2023Updated 2 years ago
• sigstore / rekor-monitor

  View on GitHub
  Log monitor for Rekor to verify immutability and monitor entries
  ☆51Updated this week
• ossf / wg-vulnerability-disclosures

  View on GitHub
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆217Feb 4, 2026Updated 2 months ago
• guacsec / guac

  View on GitHub
  GUAC aggregates software security metadata into a high fidelity graph database.
  ☆1,481Updated this week
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• github-community-projects / contributors

  View on GitHub
  GitHub Action that given an organization or repository, produces information about the contributors over the specified time period.
  ☆145Apr 20, 2026Updated last week
• CVEProject / cve-documents

  View on GitHub
  Source for official CVE Program policy documents.
  ☆18Jan 28, 2026Updated 3 months ago
• ossf / scorecard-visualizer

  View on GitHub
  Tool for visualizing the Open SSF Scorecard Api data in a human friendly way
  ☆18Updated this week
• anchore / vulnerability-data-tools

  View on GitHub
  ☆18Apr 24, 2026Updated last week
• gcve-eu / gcve

  View on GitHub
  A Python client for the Global CVE Allocation System.
  ☆18Mar 26, 2026Updated last month
• hughsie / python-uswid

  View on GitHub
  A tiny tool for embedding CoSWID tags in EFI binaries
  ☆25Mar 16, 2026Updated last month
• mindersec / minder

  View on GitHub
  Software Supply Chain Security Platform
  ☆399Apr 24, 2026Updated last week