Alternatives and similar repositories for ox-security-scan

Users that are interested in ox-security-scan are comparing it to the libraries listed below

• advanced-security / policy-as-code
  GitHub Advanced Security Policy as Code
  ☆95Updated last month
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆214Updated this week
• openvex / vexctl
  A tool to create, transform and attest VEX metadata
  ☆172Updated last week
• eBay / sbom-scorecard
  Generate a score for your sbom to understand if it will actually be useful.
  ☆237Updated last year
• snyk-labs / snyk-cicd-integration-examples
  Examples of integrating the Snyk CLI into a CI/CD system
  ☆103Updated last year
• interlynk-io / sbomqs
  sbomqs: The Comprehensive SBOM Quality & Compliance Tool
  ☆267Updated this week
• Checkmarx / kics-github-action
  GitHub actions of KICS scan - Keeping Infrastructure as Code Secure
  ☆52Updated last month
• DependencyTrack / gh-upload-sbom
  Publishes BOMs to Dependency-Track from GitHub Actions
  ☆58Updated last year
• aquasecurity / chain-bench
  An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…
  ☆767Updated last year
• anchore / sbom-action
  GitHub Action for creating software bill of materials using Syft.
  ☆219Updated this week
• step-security / secure-repo
  Orchestrate GitHub Actions Security
  ☆303Updated 3 weeks ago
• cdxgen / cdxgen
  Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…
  ☆894Updated this week
• advanced-security / codeql-extractor-iac
  CodeQL Extractor, Library, and Queries for Infrastructure as Code
  ☆58Updated last week
• ossf / scorecard-action
  Official GitHub Action for OpenSSF Scorecard.
  ☆356Updated this week
• oxsecurity / MaskerLogger
  The Logger that will prevent your data leak
  ☆105Updated 3 weeks ago
• checkmarx-ts / checkmarx-github-action
  Checkmarx Scan Github Action
  ☆29Updated last year
• CycloneDX / sbom-utility
  Utility that provides an API platform for validating, querying and managing BOM data
  ☆124Updated last month
• advanced-security / secret-scanning-custom-patterns
  Examples of Custom Secret Scanning Patterns for use with GitHub Secret Protection/Advanced Security
  ☆170Updated last week
• ozontech / dtrack-audit
  OWASP Dependency Track API client for intergration into CI/CD pipeline
  ☆58Updated last year
• anchore / scan-action
  Anchore container analysis and scan provided as a GitHub Action
  ☆267Updated this week
• VexStore / fatbom
  fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…
  ☆33Updated 3 years ago
• advanced-security / gh-sbom
  Generate SBOMs with gh CLI
  ☆198Updated 8 months ago
• interlynk-io / sbomasm
  sbomasm: The Complete SBOM Management Toolkit
  ☆101Updated last week
• veracode / veracode-api-py
  Python helper library for working with the Veracode APIs. Handles retries, pagination, and other features of the modern Veracode REST API…
  ☆25Updated 2 months ago
• devops-kung-fu / bomber
  Scans Software Bill of Materials (SBOMs) for security vulnerabilities
  ☆597Updated 10 months ago
• devsecopsmaturitymodel / DevSecOps-MaturityModel
  ☆559Updated last week
• CycloneDX / license-scanner
  Utility that provides an API and CLI to identify licenses and legal terms
  ☆51Updated 6 months ago
• OWASP / www-project-top-10-ci-cd-security-risks
  OWASP Foundation Web Respository
  ☆101Updated last month
• NickLiffen / ghas-enablement
  A tool that aims to bulk automates the enablement of GitHub Code Scanning, Secret Scanning and Dependabot across multiple repositories.
  ☆158Updated last year
• github / audit-actions-workflow-runs
  Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded
  ☆79Updated 2 weeks ago