The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed confidence in the security of open source projects. We do this by collecting, curating, and communicating relevant metrics and metadata from open source projects and the ecosystems of which they are a part.
☆223Apr 23, 2024Updated last year
Alternatives and similar repositories for wg-metrics-and-metadata
Users that are interested in wg-metrics-and-metadata are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- OpenSSF Security Tooling Working Group☆322Jul 6, 2025Updated 9 months ago
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…☆216Feb 4, 2026Updated 2 months ago
- Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …☆204Jan 15, 2026Updated 3 months ago
- Helping allocate resources to secure the critical open source projects we all depend on.☆389May 8, 2025Updated 11 months ago
- Collect, curate, and communicate relevant security metrics for open source projects.☆63Mar 13, 2024Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…☆1,008Updated this week
- Technical Advisory Council☆140Apr 9, 2026Updated last week
- A community collection of security reviews of open source software components.☆99Feb 29, 2024Updated 2 years ago
- OpenSSF Governance and Legal Docs☆76Sep 9, 2025Updated 7 months ago
- OpenSSF Endusers Working Group☆28Mar 21, 2024Updated 2 years ago
- OpenSSF Working Group on Securing Software Repositories☆128Apr 6, 2026Updated last week
- Report missing advisories and corrections on OSS Index☆17Jan 19, 2023Updated 3 years ago
- The Great Multi-Factor Authentication (MFA) Distribution Project of the Open Source Security Foundation (OpenSSF). We work to distribute …☆55Dec 28, 2021Updated 4 years ago
- A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…☆137Updated this week
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Build, edit, validate, and export CycloneDX BOMs through an intuitive browser-based interface☆19Apr 10, 2026Updated last week
- ☆26Mar 17, 2026Updated last month
- ☆41Jul 9, 2020Updated 5 years ago
- OpenSSF Scorecard - Security health metrics for Open Source☆5,376Updated this week
- Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)☆202Apr 10, 2026Updated last week
- AIBOM Workshop RSA 2024☆15May 20, 2024Updated last year
- Supply Chain Query Tool☆13May 25, 2022Updated 3 years ago
- Supply-chain Levels for Software Artifacts☆1,846Updated this week
- OpenSSF Project Template☆23Nov 29, 2023Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Software Component Verification Standard (SCVS)☆157Apr 1, 2025Updated last year
- QSOS repository (Method, Formats, Tools)☆27Feb 12, 2024Updated 2 years ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆523Updated this week
- Collection of security best practices for package managers.☆164Sep 26, 2022Updated 3 years ago
- Kilt is a project that defines how to inject foreign apps into containers☆13Dec 15, 2023Updated 2 years ago
- THOR APT Scanner User Manual☆20Mar 31, 2026Updated 2 weeks ago
- Quantitate binary risk assessment☆17May 9, 2022Updated 3 years ago
- GitHub App to set and enforce security policies☆1,408Updated this week
- Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security☆162Dec 19, 2025Updated 4 months ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Collection of tools for analyzing open source packages.☆357Apr 8, 2026Updated last week
- DPE - Default Password Enumeration☆37Jun 3, 2013Updated 12 years ago
- Open Source Package Analysis☆875Feb 27, 2026Updated last month
- Monitors Github for leaked secrets☆205Oct 25, 2024Updated last year
- A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…☆143Oct 5, 2023Updated 2 years ago
- Software Supply Chain Transparency Log☆1,120Updated this week
- Sigstore OIDC PKI☆824Apr 13, 2026Updated last week