Alternatives and similar repositories for sonar-report

Users that are interested in sonar-report are comparing it to the libraries listed below

• magnologan / awesome-sca
  A comprehensive list of software composition analysis tools.
  ☆156Updated last week
• jeremylong / open-vulnerability-cli
  A cli that can be used to query various online vulnerability sources such as the NVD or GHSA. The CLI and docker images can be used to mi…
  ☆152Updated last week
• OtherDevOpsGene / zap-sonar-plugin
  Integrates OWASP Zed Attack Proxy reports into SonarQube
  ☆72Updated 3 months ago
• MaibornWolff / dd-import
  A utility to (re-)import findings and language data into DefectDojo
  ☆43Updated last year
• hysnsec / awesome-sca
  A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.
  ☆107Updated 11 months ago
• cnescatlab / sonar-cnes-report
  Generates analysis reports from SonarQube web API.
  ☆571Updated last month
• dbsystel / trivy-vulnerability-explorer
  Web application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive d…
  ☆152Updated last week
• DependencyTrack / frontend
  Frontend UI for Dependency-Track
  ☆131Updated last week
• jenkinsci / dependency-track-plugin
  Main repository for the official Dependency-Track Jenkins plugin
  ☆50Updated last week
• dependency-check / dependency-check-sonar-plugin
  Integrates Dependency-Check reports into SonarQube
  ☆669Updated last week
• devsecopsmaturitymodel / DevSecOps-MaturityModel
  ☆542Updated last week
• OWASP / www-project-devsecops-guideline
  The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …
  ☆74Updated 3 weeks ago
• porscheinformatik / sonarqube-licensecheck
  SonarQube Licensecheck Plugin
  ☆176Updated this week
• CycloneDX / cyclonedx-cli
  CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
  ☆420Updated last week
• checkmarx-ltd / cx-flow
  Checkmarx Scan and Result Orchestration
  ☆99Updated 2 weeks ago
• goharbor / harbor-scanner-trivy
  Use Trivy as a plug-in vulnerability scanner in the Harbor registry
  ☆28Updated last month
• secureCodeBox / secureCodeBox
  secureCodeBox (SCB) - continuous secure delivery out of the box
  ☆917Updated last week
• ShiftLeftSecurity / sast-scan
  Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…
  ☆852Updated 2 years ago
• aquasecurity / trivy-vscode-extension
  A VS Code Extension for Trivy
  ☆148Updated last month
• SonarSource / sonar-scanner-cli-docker
  Docker image for SonarScanner CLI
  ☆200Updated last week
• blackducksoftware / detect
  Scanning and analysis for Black Duck SCA products.
  ☆185Updated this week
• fortify / FortifyVulnerabilityExporter
  Deprecated; please use fcli instead
  ☆27Updated 2 months ago
• ICTU / zap2docker-auth-weekly
  Zap baseline scanner in Docker with authentication
  ☆103Updated last year
• aquasecurity / trivy-db
  ☆281Updated 3 weeks ago
• devops-kung-fu / bomber
  Scans Software Bill of Materials (SBOMs) for security vulnerabilities
  ☆589Updated 6 months ago
• Vinum-Security / kubernetes-security-checklist
  Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, wor…
  ☆481Updated 3 years ago
• stevespringett / nist-data-mirror
  A simple Java command-line utility to mirror the CVE JSON data from NIST.
  ☆210Updated 2 years ago
• MaibornWolff / SecObserve
  SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor…
  ☆188Updated this week
• sonar-auth-oidc / sonar-auth-oidc
  OpenID Connect (OIDC) Plugin for SonarQube
  ☆119Updated 5 months ago
• DependencyTrack / gh-upload-sbom
  Publishes BOMs to Dependency-Track from GitHub Actions
  ☆55Updated last year