oxsecurity / ox-security-scan
A GitHub Action for using OX Security to scan for vulnerabilities in your software projects
☆11Updated last week
Related projects ⓘ
Alternatives and complementary repositories for ox-security-scan
- Compare vulnerability scanners results (to make them better!)☆15Updated this week
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain☆86Updated 9 months ago
- Runtime Security Solution for your CI/CD Pipeline☆88Updated 2 months ago
- Enrich SBOMs with data from third party services☆120Updated this week
- Count distinct contributor of Snyk watched repos across several SCM☆30Updated 4 months ago
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.☆36Updated 3 years ago
- NIST OSCAL SDK and CLI☆17Updated 4 months ago
- A tool to check the security settings of Github Organizations.☆69Updated last year
- OSCAL reusable component definitions library☆10Updated 6 months ago
- Run individual controls or full compliance benchmarks for NSA CISA Kubernetes Hardening Guidance across all of your Kubernetes clusters u…☆32Updated 3 weeks ago
- Generate a score for your sbom to understand if it will actually be useful.☆221Updated 3 months ago
- Static analysis for CloudFormation templates to identify common misconfiguration☆58Updated 2 years ago
- Agile authoring tutorial and repo set-up tooling☆18Updated 2 months ago
- ☆51Updated 8 months ago
- A tool to create, transform and attest VEX metadata☆119Updated this week
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…☆32Updated 2 years ago
- https://breaches.cloud☆36Updated last month
- OWASP Dependency Track API client for intergration into CI/CD pipeline☆51Updated 3 months ago
- Slack alert bot for matching Github Audit Events☆10Updated last week
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆75Updated this week
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- OpenVEX Specification☆132Updated 4 months ago
- Grype vulnerability check plugin for Visual Studio Code☆22Updated 2 months ago
- A BOM repository server for distributing CycloneDX BOMs☆74Updated 8 months ago
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆61Updated last year
- ☆16Updated 6 months ago
- Provides teams using Turbot Guardrails automation and configuration-as-code examples for effective management of Guardrails for their org…☆25Updated this week
- ☆81Updated this week
- prel(iminary) is an application that temporarily assigns Google Cloud IAM Roles and includes an approval process.☆37Updated this week