Alternatives and similar repositories for ox-security-scan

Users that are interested in ox-security-scan are comparing it to the libraries listed below

• oxsecurity / codetotal
  Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code securi…
  ☆76Updated 9 months ago
• interlynk-io / sbomasm
  SBOM Edit - Conditional edits and merging of SBOMs
  ☆69Updated this week
• oxsecurity / MaskerLogger
  The Logger that will prevent your data leak
  ☆100Updated 3 months ago
• interlynk-io / sbomgr
  SBOM Search - Context aware search in SBOM repositories
  ☆26Updated this week
• CycodeLabs / cimon-action
  Runtime Security Solution for your CI/CD Pipeline
  ☆104Updated 2 months ago
• pbom-dev / OSCAR
  A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
  ☆94Updated 3 months ago
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated last year
• finos / common-cloud-controls
  FINOS Common Cloud Controls
  ☆49Updated this week
• aquasecurity / vexhub
  ☆23Updated 2 months ago
• OWASP / OpenCRE
  ☆108Updated last week
• tenable / cloud-security-actions
  ☆12Updated last month
• elastisys / security-review
  ☆16Updated 2 years ago
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆71Updated last year
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆229Updated 9 months ago
• aquasecurity / cfsec
  Static analysis for CloudFormation templates to identify common misconfiguration
  ☆57Updated 3 years ago
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆16Updated last month
• chainguard-dev / dfc
  (d)ocker(f)ile (c)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.
  ☆65Updated this week
• google / localtoast
  ☆112Updated last week
• hashicorp-forge / semgrep-rules
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆41Updated last year
• avishayil / cdk-goat
  Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure
  ☆47Updated last year
• Vulnetix / vulnetix
  Automate vulnerability triage which prioritizes remediation over discovery
  ☆18Updated this week
• CycloneDX / transparency-exchange-api
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆81Updated this week
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆58Updated last year
• CycloneDX / sbom-utility
  Utility that provides an API platform for validating, querying and managing BOM data
  ☆113Updated last week
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆65Updated 11 months ago
• GoComply / oscalkit
  NIST OSCAL SDK and CLI
  ☆19Updated last week
• Ask-Sage / NIST-800-53-Automation
  This python app generates NIST 800 53 control implementation for each control and generate the CSV file.
  ☆48Updated last year
• CivicActions / oscal-component-definitions
  OSCAL reusable component definitions library
  ☆12Updated 2 months ago
• opengrep / opengrep-rules
  ☆68Updated 4 months ago
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated 7 months ago