Alternatives and similar repositories for ox-security-scan

Users that are interested in ox-security-scan are comparing it to the libraries listed below

• pbom-dev / OSCAR
  A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
  ☆94Updated 3 months ago
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆16Updated 3 weeks ago
• cloud-native-security-controls / controls-catalog
  ☆16Updated last year
• opengrep / opengrep-rules
  ☆64Updated 3 months ago
• CycloneDX / transparency-exchange-api
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆79Updated this week
• aquasecurity / vexhub
  ☆23Updated last month
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious PyPI and npm packages
  ☆144Updated this week
• gborough / roscal
  Open Security Controls Assessment Language Toolbox
  ☆12Updated this week
• defenseunicorns / go-oscal
  Repository for the generation of OSCAL data types
  ☆24Updated this week
• CycodeLabs / cimon-action
  Runtime Security Solution for your CI/CD Pipeline
  ☆102Updated 2 months ago
• CloudSecurityAlliance / continuous-audit-metrics
  Continuous Audit Metrics
  ☆26Updated 11 months ago
• oxsecurity / MaskerLogger
  The Logger that will prevent your data leak
  ☆99Updated 2 months ago
• ossf / security-baseline
  ☆84Updated this week
• advanced-security / policy-as-code
  GitHub Advanced Security Policy as Code
  ☆82Updated 3 weeks ago
• Vulnetix / vulnetix
  Automate vulnerability triage which prioritizes remediation over discovery
  ☆18Updated this week
• interlynk-io / sbomasm
  SBOM Edit - Conditional edits and merging of SBOMs
  ☆69Updated this week
• microsoft / Threat-Matrix-for-Kubernetes
  Microsoft Defender for Cloud threat matrix for Kubernetes
  ☆25Updated 2 years ago
• GitGuardian / src-fingerprint
  Extract git related information (file shas, commit shas) from your hosted source version control system
  ☆22Updated last year
• CycloneDX / cyclonedx-bom-repo-server
  A BOM repository server for distributing CycloneDX BOMs
  ☆77Updated last year
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆229Updated 9 months ago
• google / localtoast
  ☆112Updated 4 months ago
• mchmarny / s3cme
  Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…
  ☆104Updated last year
• oxsecurity / codetotal
  Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code securi…
  ☆76Updated 9 months ago
• anchore / grype-vscode
  Grype vulnerability check plugin for Visual Studio Code
  ☆22Updated 5 months ago
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆71Updated last year
• VexStore / fatbom
  fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…
  ☆32Updated 2 years ago
• snyk-tech-services / snyk-scm-contributors-count
  Count distinct contributor of Snyk watched repos across several SCM
  ☆32Updated 10 months ago
• IBM / sbom-utility
  This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility
  ☆60Updated 2 years ago
• CivicActions / oscal-component-definitions
  OSCAL reusable component definitions library
  ☆12Updated 2 months ago
• Vulnetix / python-ssvc
  Python implementation of Stakeholder-Specific Vulnerability Categorization (SSVC)
  ☆21Updated 5 months ago