sozercan / guac-ai-mole
Inspect and understand an organization's software supply chain using AI to enable stakeholders to make actionable decisions about software supply chain security
☆21, updated last year
Alternatives and similar repositories for guac-ai-mole
Users that are interested in guac-ai-mole are comparing it to the libraries listed below
- Visualizer for GUAC ☆28, updated last month
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks ☆33, updated 6 months ago
- ☆67, updated last year
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so… ☆101, updated this week
- Helm Chart for deploying GUAC ☆18, updated 5 months ago
- A CLI tool for creating secure by design/default source repos. ☆28, updated last year
- ☆250, updated this week
- A tool to create, transform and attest VEX metadata ☆161, updated this week
- Generate a score for your sbom to understand if it will actually be useful. ☆234, updated last year
- CLOMonitor is a tool that periodically checks open source projects repositories to verify they meet certain project health best practices ☆140, updated last week
- Example CLI project to demo API architecture and protobom library ☆22, updated 3 weeks ago
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp… ☆147, updated last week
- OpenVEX Specification ☆160, updated 4 months ago
- sbomasm: The Complete SBOM Management Toolkit ☆91, updated this week
- Artifact Ratification Framework (CNCF Sandbox) ☆280, updated this week
- ☆16, updated last year
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing. ☆68, updated last week
- sigstore installation walkthrough, local ☆63, updated last year
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously… ☆215, updated 5 months ago
- Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way. ☆33, updated 2 years ago
- A specification for signing methods and formats used by Secure Systems Lab projects. ☆87, updated last month
- in-toto Attestation Framework ☆305, updated last week
- Cross tooling and interoperability specifications ☆174, updated 5 months ago
- TUF repository for Sigstore trust root ☆109, updated this week
- Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption ☆104, updated last week
- Helm charts for sigstore project ☆83, updated last week
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool ☆244, updated this week
- Go implementation of witness ☆39, updated last week
- The Compliance Validator ☆184, updated last month
- GitHub Action for creating software bill of materials using Syft. ☆206, updated last week