ossf/wg-metrics-and-metadata external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ossf/wg-metrics-and-metadata

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ossf/wg-metrics-and-metadata)

Close

ossf / wg-metrics-and-metadataView on GitHubMore

• External links
• Readme badge

The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed confidence in the security of open source projects. We do this by collecting, curating, and communicating relevant metrics and metadata from open source projects and the ecosystems of which they are a part.

☆223Apr 23, 2024Updated last year

Alternatives and similar repositories for wg-metrics-and-metadata

Users that are interested in wg-metrics-and-metadata are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ossf / wg-security-tooling

  View on GitHub
  OpenSSF Security Tooling Working Group
  ☆322Jul 6, 2025Updated 9 months ago
• ossf / wg-vulnerability-disclosures

  View on GitHub
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆216Feb 4, 2026Updated 2 months ago
• ossf / wg-supply-chain-integrity

  View on GitHub
  Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …
  ☆204Jan 15, 2026Updated 3 months ago
• ossf / wg-securing-critical-projects

  View on GitHub
  Helping allocate resources to secure the critical open source projects we all depend on.
  ☆389May 8, 2025Updated 11 months ago
• ossf / Project-Security-Metrics

  View on GitHub
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Mar 13, 2024Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• ossf / wg-best-practices-os-developers

  View on GitHub
  The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…
  ☆1,008Updated this week
• ossf / tac

  View on GitHub
  Technical Advisory Council
  ☆140Apr 9, 2026Updated last week
• ossf / security-reviews

  View on GitHub
  A community collection of security reviews of open source software components.
  ☆99Feb 29, 2024Updated 2 years ago
• ossf / foundation

  View on GitHub
  OpenSSF Governance and Legal Docs
  ☆76Sep 9, 2025Updated 7 months ago
• ossf / wg-endusers

  View on GitHub
  OpenSSF Endusers Working Group
  ☆28Mar 21, 2024Updated 2 years ago
• ossf / wg-securing-software-repos

  View on GitHub
  OpenSSF Working Group on Securing Software Repositories
  ☆128Apr 6, 2026Updated last week
• ossf / great-mfa-project

  View on GitHub
  The Great Multi-Factor Authentication (MFA) Distribution Project of the Open Source Security Foundation (OpenSSF). We work to distribute …
  ☆55Dec 28, 2021Updated 4 years ago
• ossf / oss-vulnerability-guide

  View on GitHub
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆137Nov 15, 2025Updated 5 months ago
• CycloneDX / cyclonedx-bom-studio

  View on GitHub
  Build, edit, validate, and export CycloneDX BOMs through an intuitive browser-based interface
  ☆19Apr 10, 2026Updated last week
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• Open-Source-Security-Coalition / Open-Source-Security-Coalition

  View on GitHub
  ☆41Jul 9, 2020Updated 5 years ago
• ossf / secure-sw-dev-fundamentals

  View on GitHub
  Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)
  ☆202Apr 10, 2026Updated last week
• aibom-squad / AIBOM-RSA-2024

  View on GitHub
  AIBOM Workshop RSA 2024
  ☆15May 20, 2024Updated last year
• slsa-framework / slsa

  View on GitHub
  Supply-chain Levels for Software Artifacts
  ☆1,846Updated this week
• ossf / project-template

  View on GitHub
  OpenSSF Project Template
  ☆23Nov 29, 2023Updated 2 years ago
• OWASP / Software-Component-Verification-Standard

  View on GitHub
  Software Component Verification Standard (SCVS)
  ☆157Apr 1, 2025Updated last year
• finos / financial-objects

  View on GitHub
  FINOS Financial Objects Program Documentation
  ☆45Aug 29, 2024Updated last year
• drakkr / QSOS

  View on GitHub
  QSOS repository (Method, Formats, Tools)
  ☆27Feb 12, 2024Updated 2 years ago
• in-toto / witness

  View on GitHub
  Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
  ☆523Updated this week
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• ossf / package-manager-best-practices

  View on GitHub
  Collection of security best practices for package managers.
  ☆164Sep 26, 2022Updated 3 years ago
• falcosecurity / kilt

  View on GitHub
  Kilt is a project that defines how to inject foreign apps into containers
  ☆13Dec 15, 2023Updated 2 years ago
• chainguard-dev / ghscan

  View on GitHub
  Scan GitHub Actions Workflow logs for IOCs
  ☆17Updated this week
• redteam-project / cyber-test-lab

  View on GitHub
  Quantitate binary risk assessment
  ☆17May 9, 2022Updated 3 years ago
• ossf / allstar

  View on GitHub
  GitHub App to set and enforce security policies
  ☆1,408Updated this week
• falcosecurity / client-go

  View on GitHub
  Go client and SDK for Falco
  ☆55Mar 18, 2026Updated last month
• ossf / ai-ml-security

  View on GitHub
  Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security
  ☆162Dec 19, 2025Updated 4 months ago
• OWASP / packman

  View on GitHub
  A documentation and tracking project with the goal of making package management systems more secure.
  ☆51Mar 5, 2021Updated 5 years ago
• toolswatch / DPE

  View on GitHub
  DPE - Default Password Enumeration
  ☆37Jun 3, 2013Updated 12 years ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• ossf / package-analysis

  View on GitHub
  Open Source Package Analysis
  ☆874Feb 27, 2026Updated last month
• duo-labs / secret-bridge

  View on GitHub
  Monitors Github for leaked secrets
  ☆205Oct 25, 2024Updated last year
• google / oss-vulnerability-guide

  View on GitHub
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆143Oct 5, 2023Updated 2 years ago
• sigstore / rekor

  View on GitHub
  Software Supply Chain Transparency Log
  ☆1,120Updated this week
• sigstore / fulcio

  View on GitHub
  Sigstore OIDC PKI
  ☆824Updated this week
• ossf / sbom-everywhere

  View on GitHub
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆113Feb 28, 2026Updated last month
• ossf / criticality_score

  View on GitHub
  Gives criticality score for an open source project
  ☆1,425Dec 2, 2025Updated 4 months ago