Protect against malicious open source packages π€
β1,068Jun 5, 2026Updated this week
Alternatives and similar repositories for vet
Users that are interested in vet are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Reference architecture and proof of concept implementation for supply chain security gatewayβ23Apr 1, 2023Updated 3 years ago
- PMG protects developers, AI agents from malicious open source packages using proxy, sandbox and SafeDep's threat intelligence feed.β399Updated this week
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesβ232Apr 17, 2026Updated last month
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assetsβ872Mar 28, 2025Updated last year
- A universal SBOM representation in protocol buffersβ326May 22, 2026Updated 2 weeks ago
- Deploy on Railway without the complexity - Free Credits Offer β’ AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,β¦β148Jan 28, 2024Updated 2 years ago
- Generate a score for your sbom to understand if it will actually be useful.β243Aug 13, 2024Updated last year
- β69Jul 18, 2025Updated 10 months ago
- poutine, a supply chain vulnerability scanner for build pipelinesβ468May 26, 2026Updated 2 weeks ago
- Software Supply Chain Security Platformβ405Updated this week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact proβ¦β534Jun 1, 2026Updated last week
- Generate xBOMs enriched with AI, SaaS, Crypto and more using Static Code Analysisβ32Jan 22, 2026Updated 4 months ago
- Enrich SBOMs with data from third party servicesβ227May 18, 2026Updated 3 weeks ago
- π΄π‘π’ The Amazing Multipurpose Policy Engine (and L)β49Updated this week
- Bare Metal GPUs on DigitalOcean Gradient AI β’ AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.β2,676Updated this week
- A vulnerability scanner for container images and filesystemsβ12,348Updated this week
- A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or artβ¦β69Nov 27, 2025Updated 6 months ago
- Vulnerability scanner written in Go which uses the data provided by https://osv.devβ10,464Updated this week
- π Static code analysis engine to find security issues in code.β2,658Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilitβ¦β533Updated this week
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on pβ¦β5,672Apr 16, 2026Updated last month
- #supply #chain #attack #detectionβ660Updated this week
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this β¦β131May 12, 2026Updated 3 weeks ago
- Deploy on Railway without the complexity - Free Credits Offer β’ AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. β¦β72Jun 25, 2025Updated 11 months ago
- Automation tool for Windows Deception Host Burn-Inβ85Dec 4, 2024Updated last year
- Resources for the deps.dev APIβ411Jun 3, 2026Updated last week
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, anβ¦β1,187May 25, 2026Updated 2 weeks ago
- GitHub App to set and enforce security policiesβ1,428Jun 2, 2026Updated last week
- The security workflow engine!β138Nov 20, 2025Updated 6 months ago
- Detect leaked secrets + live validation. Map blast radius across your stack. Revoke fast. 950+ rules.β1,130Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystemsβ9,077Updated this week
- A security layer for Git repositoriesβ623Updated this week
- Serverless GPU API endpoints on Runpod - Get Bonus Credits β’ AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Machine-readable specification for the attestation of security-relevant data.β75May 11, 2026Updated 3 weeks ago
- Scans Software Bill of Materials (SBOMs) for security vulnerabilitiesβ615Feb 10, 2026Updated 3 months ago
- OpenSSF Scorecard - Security health metrics for Open Sourceβ5,487Jun 2, 2026Updated last week
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Spβ¦β666Jun 2, 2026Updated last week
- β20Apr 10, 2025Updated last year
- SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and moreβ554Updated this week
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packagesβ364Updated this week