ossf/wg-metrics-and-metadata external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ossf/wg-metrics-and-metadata

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ossf/wg-metrics-and-metadata)

Close

ossf / wg-metrics-and-metadataView on GitHubMore

• External links
• Readme badge

The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed confidence in the security of open source projects. We do this by collecting, curating, and communicating relevant metrics and metadata from open source projects and the ecosystems of which they are a part.

☆223Apr 23, 2024Updated 2 years ago

Alternatives and similar repositories for wg-metrics-and-metadata

Users that are interested in wg-metrics-and-metadata are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ossf / wg-security-tooling

  View on GitHub
  OpenSSF Security Tooling Working Group
  ☆323Jul 6, 2025Updated 10 months ago
• ossf / wg-vulnerability-disclosures

  View on GitHub
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆220Feb 4, 2026Updated 3 months ago
• ossf / wg-supply-chain-integrity

  View on GitHub
  Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …
  ☆206Jan 15, 2026Updated 4 months ago
• ossf / wg-securing-critical-projects

  View on GitHub
  Helping allocate resources to secure the critical open source projects we all depend on.
  ☆397May 8, 2025Updated last year
• ossf / Project-Security-Metrics

  View on GitHub
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Mar 13, 2024Updated 2 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• ossf / wg-best-practices-os-developers

  View on GitHub
  The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…
  ☆1,026May 20, 2026Updated last week
• ossf / tac

  View on GitHub
  Technical Advisory Council
  ☆144Updated this week
• ossf / security-reviews

  View on GitHub
  A community collection of security reviews of open source software components.
  ☆99Feb 29, 2024Updated 2 years ago
• ossf / foundation

  View on GitHub
  OpenSSF Governance and Legal Docs
  ☆75Sep 9, 2025Updated 8 months ago
• ossf / wg-endusers

  View on GitHub
  OpenSSF Endusers Working Group
  ☆28Mar 21, 2024Updated 2 years ago
• ossf / wg-securing-software-repos

  View on GitHub
  OpenSSF Working Group on Securing Software Repositories
  ☆128Apr 6, 2026Updated last month
• ossf / oss-vulnerability-guide

  View on GitHub
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆137Apr 20, 2026Updated last month
• ossf / toolbelt

  View on GitHub
  ☆26Mar 17, 2026Updated 2 months ago
• Open-Source-Security-Coalition / Open-Source-Security-Coalition

  View on GitHub
  ☆41Jul 9, 2020Updated 5 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• ossf / scorecard

  View on GitHub
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,455May 19, 2026Updated last week
• ossf / secure-sw-dev-fundamentals

  View on GitHub
  Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)
  ☆203May 22, 2026Updated last week
• aibom-squad / AIBOM-RSA-2024

  View on GitHub
  AIBOM Workshop RSA 2024
  ☆15May 20, 2024Updated 2 years ago
• slsa-framework / slsa

  View on GitHub
  Supply-chain Levels for Software Artifacts
  ☆1,871May 18, 2026Updated last week
• ossf / project-template

  View on GitHub
  OpenSSF Project Template
  ☆22Nov 29, 2023Updated 2 years ago
• OWASP / Software-Component-Verification-Standard

  View on GitHub
  Software Component Verification Standard (SCVS)
  ☆158Apr 1, 2025Updated last year
• drakkr / QSOS

  View on GitHub
  QSOS repository (Method, Formats, Tools)
  ☆27Feb 12, 2024Updated 2 years ago
• in-toto / witness

  View on GitHub
  Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
  ☆533Updated this week
• ossf / package-manager-best-practices

  View on GitHub
  Collection of security best practices for package managers.
  ☆164Sep 26, 2022Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• falcosecurity / kilt

  View on GitHub
  Kilt is a project that defines how to inject foreign apps into containers
  ☆13Dec 15, 2023Updated 2 years ago
• chainguard-dev / ghscan

  View on GitHub
  Scan GitHub Actions Workflow logs for IOCs
  ☆17May 18, 2026Updated last week
• redteam-project / cyber-test-lab

  View on GitHub
  Quantitate binary risk assessment
  ☆17May 9, 2022Updated 4 years ago
• ossf / allstar

  View on GitHub
  GitHub App to set and enforce security policies
  ☆1,424Updated this week
• ossf / ai-ml-security

  View on GitHub
  Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security
  ☆169May 1, 2026Updated 3 weeks ago
• NextronSystems / thor-manual

  View on GitHub
  THOR APT Scanner User Manual
  ☆22May 22, 2026Updated last week
• duo-labs / secret-bridge

  View on GitHub
  Monitors Github for leaked secrets
  ☆206Oct 25, 2024Updated last year
• ossf / package-analysis

  View on GitHub
  Open Source Package Analysis
  ☆887May 22, 2026Updated last week
• google / oss-vulnerability-guide

  View on GitHub
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆144Oct 5, 2023Updated 2 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• sigstore / rekor

  View on GitHub
  Software Supply Chain Transparency Log
  ☆1,147Updated this week
• sigstore / fulcio

  View on GitHub
  Sigstore OIDC PKI
  ☆843Updated this week
• ossf / sbom-everywhere

  View on GitHub
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆114Feb 28, 2026Updated 3 months ago
• ossf / criticality_score

  View on GitHub
  Gives criticality score for an open source project
  ☆1,429Dec 2, 2025Updated 5 months ago
• usnistgov / 800-63-4

  View on GitHub
  ☆45Aug 26, 2025Updated 9 months ago
• slashben / beat-ac-cosign-verifier

  View on GitHub
  This is a POC repository showing how a Kubernetes Admission Controller can be made irrelevant when verifying container image signatures
  ☆12Dec 21, 2022Updated 3 years ago
• ossf / DevRel-community

  View on GitHub
  Evangelizing the mission and work of the OpenSSF and building strong community outreach around end-users, open-source maintainers, and co…
  ☆25May 2, 2024Updated 2 years ago