ossf/wg-metrics-and-metadata external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ossf/wg-metrics-and-metadata

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ossf/wg-metrics-and-metadata)

Close

ossf / wg-metrics-and-metadataView on GitHubMore

• External links
• Readme badge

The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed confidence in the security of open source projects. We do this by collecting, curating, and communicating relevant metrics and metadata from open source projects and the ecosystems of which they are a part.

☆223Apr 23, 2024Updated last year

Alternatives and similar repositories for wg-metrics-and-metadata

Users that are interested in wg-metrics-and-metadata are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ossf / wg-security-tooling

  View on GitHub
  OpenSSF Security Tooling Working Group
  ☆321Jul 6, 2025Updated 8 months ago
• ossf / wg-vulnerability-disclosures

  View on GitHub
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆215Feb 4, 2026Updated last month
• ossf / wg-supply-chain-integrity

  View on GitHub
  Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …
  ☆202Jan 15, 2026Updated 2 months ago
• ossf / wg-securing-critical-projects

  View on GitHub
  Helping allocate resources to secure the critical open source projects we all depend on.
  ☆389May 8, 2025Updated 10 months ago
• ossf / Project-Security-Metrics

  View on GitHub
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Mar 13, 2024Updated 2 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• ossf / wg-best-practices-os-developers

  View on GitHub
  The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…
  ☆1,003Updated this week
• ossf / tac

  View on GitHub
  Technical Advisory Council
  ☆136Mar 18, 2026Updated last week
• ossf / security-reviews

  View on GitHub
  A community collection of security reviews of open source software components.
  ☆99Feb 29, 2024Updated 2 years ago
• ossf / foundation

  View on GitHub
  OpenSSF Governance and Legal Docs
  ☆76Sep 9, 2025Updated 6 months ago
• ossf / wg-securing-software-repos

  View on GitHub
  OpenSSF Working Group on Securing Software Repositories
  ☆128Dec 18, 2025Updated 3 months ago
• CycloneDX / cyclonedx-bom-studio

  View on GitHub
  Build, edit, validate, and export CycloneDX BOMs through an intuitive browser-based interface
  ☆16Mar 13, 2026Updated 2 weeks ago
• ossf / great-mfa-project

  View on GitHub
  The Great Multi-Factor Authentication (MFA) Distribution Project of the Open Source Security Foundation (OpenSSF). We work to distribute …
  ☆55Dec 28, 2021Updated 4 years ago
• ossf / oss-vulnerability-guide

  View on GitHub
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆135Nov 15, 2025Updated 4 months ago
• ossf / toolbelt

  View on GitHub
  ☆26Mar 17, 2026Updated last week
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• Open-Source-Security-Coalition / Open-Source-Security-Coalition

  View on GitHub
  ☆41Jul 9, 2020Updated 5 years ago
• ossf / scorecard

  View on GitHub
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,336Updated this week
• ossf / secure-sw-dev-fundamentals

  View on GitHub
  Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)
  ☆202Updated this week
• aibom-squad / AIBOM-RSA-2024

  View on GitHub
  AIBOM Workshop RSA 2024
  ☆15May 20, 2024Updated last year
• slsa-framework / slsa

  View on GitHub
  Supply-chain Levels for Software Artifacts
  ☆1,830Mar 11, 2026Updated 2 weeks ago
• ossf / project-template

  View on GitHub
  OpenSSF Project Template
  ☆23Nov 29, 2023Updated 2 years ago
• OWASP / Software-Component-Verification-Standard

  View on GitHub
  Software Component Verification Standard (SCVS)
  ☆157Apr 1, 2025Updated 11 months ago
• drakkr / QSOS

  View on GitHub
  QSOS repository (Method, Formats, Tools)
  ☆27Feb 12, 2024Updated 2 years ago
• in-toto / witness

  View on GitHub
  Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
  ☆520Mar 23, 2026Updated last week
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• ossf / package-manager-best-practices

  View on GitHub
  Collection of security best practices for package managers.
  ☆164Sep 26, 2022Updated 3 years ago
• falcosecurity / kilt

  View on GitHub
  Kilt is a project that defines how to inject foreign apps into containers
  ☆13Dec 15, 2023Updated 2 years ago
• chainguard-dev / ghscan

  View on GitHub
  Scan GitHub Actions Workflow logs for IOCs
  ☆17Mar 16, 2026Updated 2 weeks ago
• NextronSystems / thor-manual

  View on GitHub
  THOR APT Scanner User Manual
  ☆20Mar 9, 2026Updated 3 weeks ago
• redteam-project / cyber-test-lab

  View on GitHub
  Quantitate binary risk assessment
  ☆17May 9, 2022Updated 3 years ago
• ossf / allstar

  View on GitHub
  GitHub App to set and enforce security policies
  ☆1,399Mar 23, 2026Updated last week
• falcosecurity / client-go

  View on GitHub
  Go client and SDK for Falco
  ☆55Mar 18, 2026Updated last week
• ossf / ai-ml-security

  View on GitHub
  Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security
  ☆157Dec 19, 2025Updated 3 months ago
• microsoft / OSSGadget

  View on GitHub
  Collection of tools for analyzing open source packages.
  ☆358Mar 9, 2026Updated 3 weeks ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• OWASP / packman

  View on GitHub
  A documentation and tracking project with the goal of making package management systems more secure.
  ☆51Mar 5, 2021Updated 5 years ago
• toolswatch / DPE

  View on GitHub
  DPE - Default Password Enumeration
  ☆37Jun 3, 2013Updated 12 years ago
• ossf / package-analysis

  View on GitHub
  Open Source Package Analysis
  ☆869Feb 27, 2026Updated last month
• duo-labs / secret-bridge

  View on GitHub
  Monitors Github for leaked secrets
  ☆206Oct 25, 2024Updated last year
• google / oss-vulnerability-guide

  View on GitHub
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆144Oct 5, 2023Updated 2 years ago
• sigstore / fulcio

  View on GitHub
  Sigstore OIDC PKI
  ☆814Mar 23, 2026Updated last week
• sigstore / rekor

  View on GitHub
  Software Supply Chain Transparency Log
  ☆1,103Mar 23, 2026Updated last week