sonatype-nexus-community / ahabLinks
ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.
☆68Updated last year
Alternatives and similar repositories for ahab
Users that are interested in ahab are comparing it to the libraries listed below
Sorting:
- Grype vulnerability check plugin for Visual Studio Code☆23Updated 8 months ago
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Updated 2 years ago
- Collect, curate, and communicate relevant security metrics for open source projects.☆63Updated last year
- a tool to audit the istio service mesh☆173Updated 3 years ago
- vexctl is a tool to attest VEX impact statements☆45Updated 2 years ago
- Report missing advisories and corrections on OSS Index☆17Updated 2 years ago
- Slack alert bot for matching Github Audit Events☆10Updated 9 months ago
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Updated 7 months ago
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆101Updated last week
- The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.☆56Updated 2 weeks ago
- A BOM repository server for distributing CycloneDX BOMs☆77Updated last month
- Check images in your charts for vulnerabilities☆42Updated 2 months ago
- ☆30Updated last week
- Proof-of-concept SLSA provenance generator for GitHub Actions☆100Updated 2 years ago
- ☆88Updated 3 months ago
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆23Updated last month
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆21Updated 2 years ago
- Trivy's misconfiguration scanning engine☆217Updated 7 months ago
- Plugin for Docker CLI to support SBOM creation using Syft☆156Updated 4 months ago
- Produce an Open Source Vulnerability JSON file based on information in an SPDX document☆64Updated last year
- Technical Advisory Council☆130Updated last week
- fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool'…☆33Updated 2 years ago
- Utility that provides an API and CLI to identify licenses and legal terms☆51Updated last month
- Simple command-line client to the Anchore Engine service☆114Updated last year
- Generate a score for your sbom to understand if it will actually be useful.☆233Updated last year
- Github Action implementation of SLSA Provenance Generation☆50Updated last week
- Security scanning & static analysis tool☆94Updated 10 months ago
- Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification☆68Updated this week
- Runtime security plug to protect user containers☆66Updated last week
- Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions☆48Updated last month