ossf/security-insights external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ossf/security-insights

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ossf/security-insights)

Close

ossf / security-insightsView on GitHubMore

• External links
• Readme badge

Machine-readable specification for the attestation of security-relevant data.

☆73Mar 19, 2026Updated 3 weeks ago

Alternatives and similar repositories for security-insights

Users that are interested in security-insights are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• privateerproj / privateer

  View on GitHub
  Privateer is a plugin-based framework for security & compliance evaluations.
  ☆19Updated this week
• ossf / wg-orbit

  View on GitHub
  ORBIT: Open Resources for Baselines, Interoperability, and Tooling
  ☆22Mar 19, 2026Updated 3 weeks ago
• AevaOnline / supply-chain-synthesis

  View on GitHub
  Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.
  ☆33Apr 4, 2023Updated 3 years ago
• SBOMit / specification

  View on GitHub
  ☆80Dec 10, 2025Updated 4 months ago
• mlieberman85 / scq

  View on GitHub
  Supply Chain Query Tool
  ☆13May 25, 2022Updated 3 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• ossf / pvtr-github-repo-scanner

  View on GitHub
  Privateer plugin for scanning the security hygiene of a GitHub repository.
  ☆21Updated this week
• ossf / tac

  View on GitHub
  Technical Advisory Council
  ☆139Apr 2, 2026Updated last week
• ossf / sbom-everywhere

  View on GitHub
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆112Feb 28, 2026Updated last month
• ossf / ai-ml-security

  View on GitHub
  Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security
  ☆161Dec 19, 2025Updated 3 months ago
• ossf / scorecard-monitor

  View on GitHub
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆47Mar 28, 2026Updated 2 weeks ago
• github-community-projects / ospo-reusable-workflows

  View on GitHub
  Centralized Reusable GitHub Actions
  ☆20Apr 3, 2026Updated last week
• nyph-infosec / daggerboard

  View on GitHub
  ☆102Sep 27, 2024Updated last year
• gemaraproj / gemara

  View on GitHub
  Minimizing rework for governance activities.
  ☆49Updated this week
• anchore / nvd-data-overrides

  View on GitHub
  ☆50Apr 3, 2026Updated last week
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• CycloneDX / transparency-exchange-api

  View on GitHub
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆106Mar 25, 2026Updated 2 weeks ago
• ossf / security-reviews

  View on GitHub
  A community collection of security reviews of open source software components.
  ☆99Feb 29, 2024Updated 2 years ago
• bomctl / bomctl

  View on GitHub
  Format agnostic SBOM tooling
  ☆136Nov 20, 2025Updated 4 months ago
• mlieberman85 / supply-chain-examples

  View on GitHub
  ☆23Oct 26, 2021Updated 4 years ago
• scanoss / purl2cpe

  View on GitHub
  PURL to CPE Relationship mapping project.
  ☆113Updated this week
• ossf / wg-best-practices-os-developers

  View on GitHub
  The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…
  ☆1,005Updated this week
• openvex / spec

  View on GitHub
  OpenVEX Specification
  ☆172Jan 16, 2026Updated 2 months ago
• mitre / hipcheck

  View on GitHub
  Automatically assess and score software repositories for supply chain risk.
  ☆122Mar 24, 2026Updated 2 weeks ago
• interlynk-io / sbomgr

  View on GitHub
  SBOM Search - Context aware search in SBOM repositories
  ☆32Nov 24, 2025Updated 4 months ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• chainguard-sandbox / bom-shelter

  View on GitHub
  A place to systematically store software bill of materials (SBOM) documents.
  ☆50Jun 1, 2023Updated 2 years ago
• CERTCC / SSVC

  View on GitHub
  Stakeholder-Specific Vulnerability Categorization
  ☆177Apr 3, 2026Updated last week
• ossf / wg-vulnerability-disclosures

  View on GitHub
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆216Feb 4, 2026Updated 2 months ago
• spdx / ntia-conformance-checker

  View on GitHub
  Validate the SPDX SBOM against NTIA, CISA, and other minimum element requirements.
  ☆85Mar 30, 2026Updated last week
• guacsec / guac

  View on GitHub
  GUAC aggregates software security metadata into a high fidelity graph database.
  ☆1,472Updated this week
• github-community-projects / contributors

  View on GitHub
  GitHub Action that given an organization or repository, produces information about the contributors over the specified time period.
  ☆144Updated this week
• CVEProject / cve-documents

  View on GitHub
  Source for official CVE Program policy documents.
  ☆18Jan 28, 2026Updated 2 months ago
• anchore / vulnerability-data-tools

  View on GitHub
  ☆16Updated this week
• gcve-eu / gcve

  View on GitHub
  A Python client for the Global CVE Allocation System.
  ☆17Mar 26, 2026Updated 2 weeks ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• spdx / meetings

  View on GitHub
  This repository stores meetings minutes for the SPDX project
  ☆40Apr 1, 2026Updated last week
• ossf / security-baseline

  View on GitHub
  ☆149Updated this week
• hughsie / python-uswid

  View on GitHub
  A tiny tool for embedding CoSWID tags in EFI binaries
  ☆26Mar 16, 2026Updated 3 weeks ago
• ossf / oss-vulnerability-guide

  View on GitHub
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆135Nov 15, 2025Updated 4 months ago
• protobom / protobom

  View on GitHub
  A universal SBOM representation in protocol buffers
  ☆322Updated this week
• orcwg / cra-hub

  View on GitHub
  Everything you ever wanted to know about the CRA and its implementation
  ☆165Mar 31, 2026Updated last week
• ossf / ossf-landscape

  View on GitHub
  ☆31Apr 1, 2026Updated last week