The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed confidence in the security of open source projects. We do this by collecting, curating, and communicating relevant metrics and metadata from open source projects and the ecosystems of which they are a part.
☆223Apr 23, 2024Updated 2 years ago
Alternatives and similar repositories for wg-metrics-and-metadata
Users that are interested in wg-metrics-and-metadata are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- OpenSSF Security Tooling Working Group☆322Jul 6, 2025Updated 10 months ago
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…☆218Feb 4, 2026Updated 3 months ago
- Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …☆206Jan 15, 2026Updated 3 months ago
- Helping allocate resources to secure the critical open source projects we all depend on.☆393May 8, 2025Updated last year
- Collect, curate, and communicate relevant security metrics for open source projects.☆63Mar 13, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…☆1,012Apr 24, 2026Updated 2 weeks ago
- Technical Advisory Council☆143Apr 28, 2026Updated last week
- A community collection of security reviews of open source software components.☆99Feb 29, 2024Updated 2 years ago
- OpenSSF Governance and Legal Docs☆75Sep 9, 2025Updated 8 months ago
- OpenSSF Endusers Working Group☆28Mar 21, 2024Updated 2 years ago
- OpenSSF Working Group on Securing Software Repositories☆127Apr 6, 2026Updated last month
- Report missing advisories and corrections on OSS Index☆18Jan 19, 2023Updated 3 years ago
- The Great Multi-Factor Authentication (MFA) Distribution Project of the Open Source Security Foundation (OpenSSF). We work to distribute …☆55Dec 28, 2021Updated 4 years ago
- A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…☆137Apr 20, 2026Updated 2 weeks ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Build, edit, validate, and export CycloneDX BOMs through an intuitive browser-based interface☆19May 1, 2026Updated last week
- ☆26Mar 17, 2026Updated last month
- ☆41Jul 9, 2020Updated 5 years ago
- Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)☆202Apr 10, 2026Updated 3 weeks ago
- AIBOM Workshop RSA 2024☆15May 20, 2024Updated last year
- Supply Chain Query Tool☆13May 25, 2022Updated 3 years ago
- Supply-chain Levels for Software Artifacts☆1,858Apr 25, 2026Updated 2 weeks ago
- OpenSSF Project Template☆22Nov 29, 2023Updated 2 years ago
- Software Component Verification Standard (SCVS)☆157Apr 1, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- QSOS repository (Method, Formats, Tools)☆27Feb 12, 2024Updated 2 years ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆524Updated this week
- Kilt is a project that defines how to inject foreign apps into containers☆13Dec 15, 2023Updated 2 years ago
- Scan GitHub Actions Workflow logs for IOCs☆17Updated this week
- Quantitate binary risk assessment☆17May 9, 2022Updated 4 years ago
- GitHub App to set and enforce security policies☆1,416Apr 28, 2026Updated last week
- Go client and SDK for Falco☆55Mar 18, 2026Updated last month
- Collection of tools for analyzing open source packages.☆360May 1, 2026Updated last week
- Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security☆168May 1, 2026Updated last week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A documentation and tracking project with the goal of making package management systems more secure.☆51Mar 5, 2021Updated 5 years ago
- DPE - Default Password Enumeration☆37Jun 3, 2013Updated 12 years ago
- Monitors Github for leaked secrets☆206Oct 25, 2024Updated last year
- A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…☆144Oct 5, 2023Updated 2 years ago
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption☆113Feb 28, 2026Updated 2 months ago
- Gives criticality score for an open source project☆1,429Dec 2, 2025Updated 5 months ago
- ☆45Aug 26, 2025Updated 8 months ago