The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed confidence in the security of open source projects. We do this by collecting, curating, and communicating relevant metrics and metadata from open source projects and the ecosystems of which they are a part.
☆223Apr 23, 2024Updated 2 years ago
Alternatives and similar repositories for wg-metrics-and-metadata
Users that are interested in wg-metrics-and-metadata are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- OpenSSF Security Tooling Working Group☆324Jul 6, 2025Updated last year
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…☆223Feb 4, 2026Updated 5 months ago
- Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …☆207Jan 15, 2026Updated 5 months ago
- Helping allocate resources to secure the critical open source projects we all depend on.☆401May 8, 2025Updated last year
- Collect, curate, and communicate relevant security metrics for open source projects.☆63Mar 13, 2024Updated 2 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…☆1,041Updated this week
- Technical Advisory Council☆147Jun 25, 2026Updated 2 weeks ago
- A community collection of security reviews of open source software components.☆99Feb 29, 2024Updated 2 years ago
- OpenSSF Governance and Legal Docs☆75Sep 9, 2025Updated 10 months ago
- OpenSSF Endusers Working Group☆28Mar 21, 2024Updated 2 years ago
- OpenSSF Working Group on Securing Software Repositories☆129Apr 6, 2026Updated 3 months ago
- Report missing advisories and corrections on OSS Index☆18Jan 19, 2023Updated 3 years ago
- The Great Multi-Factor Authentication (MFA) Distribution Project of the Open Source Security Foundation (OpenSSF). We work to distribute …☆54Dec 28, 2021Updated 4 years ago
- A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…☆139Apr 20, 2026Updated 2 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Build, edit, validate, and export CycloneDX BOMs through an intuitive browser-based interface☆22Jun 20, 2026Updated 2 weeks ago
- ☆27Mar 17, 2026Updated 3 months ago
- OpenSSF Scorecard - Security health metrics for Open Source☆5,557Updated this week
- Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)☆203May 22, 2026Updated last month
- AIBOM Workshop RSA 2024☆15May 20, 2024Updated 2 years ago
- Supply-chain Levels for Software Artifacts☆1,886Jun 23, 2026Updated 2 weeks ago
- Software Component Verification Standard (SCVS)☆160Apr 1, 2025Updated last year
- FINOS Financial Objects Program Documentation☆48May 25, 2026Updated last month
- OpenSSF Project Template☆23Jun 5, 2026Updated last month
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆535Updated this week
- Collection of security best practices for package managers.☆164Sep 26, 2022Updated 3 years ago
- Kilt is a project that defines how to inject foreign apps into containers☆13Dec 15, 2023Updated 2 years ago
- Scan GitHub Actions Workflow logs for IOCs☆19Jul 2, 2026Updated last week
- GitHub App to set and enforce security policies☆1,435Updated this week
- Go client and SDK for Falco☆55Mar 18, 2026Updated 3 months ago
- Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security☆177May 1, 2026Updated 2 months ago
- Collection of tools for analyzing open source packages.☆365Jun 15, 2026Updated 3 weeks ago
- Monitors Github for leaked secrets☆207Oct 25, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Open Source Package Analysis☆895Updated this week
- A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…☆144Oct 5, 2023Updated 2 years ago
- Software Supply Chain Transparency Log☆1,177Updated this week
- Sigstore OIDC PKI☆862Updated this week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆116Feb 28, 2026Updated 4 months ago
- Gives criticality score for an open source project☆1,435Dec 2, 2025Updated 7 months ago
- THOR APT Scanner User Manual☆23Jun 24, 2026Updated 2 weeks ago