Alternatives and similar repositories for scanner

Users that are interested in scanner are comparing it to the libraries listed below

• anchore / grype-db
  ☆54Updated this week
• trustification / trustification
  Services for storing and searching information about software content and vulnerabilities
  ☆53Updated this week
• stackrox / collector
  Runtime data collection for the StackRox Kubernetes Security Platform using eBPF
  ☆54Updated this week
• sigstore / rekor-operator
  K8S Operator for Rekor
  ☆20Updated 2 years ago
• spiffe / tornjak
  Tornjak is a UI and management layer used for brokering human access to one or more SPIRE deployments
  ☆84Updated 2 weeks ago
• in-toto / community
  in-toto is a framework to secure the software supply chain.
  ☆71Updated 10 months ago
• ossf / ossf-landscape
  ☆30Updated this week
• omnibor / site
  Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
  ☆21Updated 9 months ago
• hermetoproject / hermeto
  Hermeto is a CLI tool that prefetches your project dependencies to aid in making your container build process hermetic.
  ☆24Updated last week
• RedHatProductSecurity / osidb
  OSIDB — Open Security Issue Database
  ☆36Updated this week
• falcosecurity / falcoctl
  Administrative tooling for Falco
  ☆113Updated this week
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆104Updated this week
• ComplianceAsCode / compliance-operator
  Operator providing Kubernetes cluster compliance checks
  ☆50Updated this week
• falcosecurity / evolution
  Evolution process of The Falco Project
  ☆57Updated this week
• quay / container-security-operator
  Identify image vulnerabilities in Kubernetes pods
  ☆107Updated 2 weeks ago
• anchore / kubernetes-admission-controller
  Service implementation for a Kubernetes Dynamic Webhook controller for interacting with Anchore
  ☆65Updated this week
• ossf / sbom-everywhere
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆105Updated 3 weeks ago
• kusaridev / spector
  Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks
  ☆33Updated 6 months ago
• mchmarny / vimp
  Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures.
  ☆74Updated 2 years ago
• in-toto / demo
  Securing Alice's, Bob's and Carl's software supply chain using in-toto
  ☆99Updated 3 weeks ago
• testifysec / witness-run-action
  ☆11Updated this week
• sonatype-nexus-community / ahab
  ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.
  ☆68Updated last year
• openvex / go-vex
  Go module to generate and transform VEX documents
  ☆49Updated this week
• submariner-io / shipyard
  Framework and scripts to create multiple Kubernetes clusters with kind (K8s in Docker) for local E2E testing and development.
  ☆56Updated this week
• bomctl / bomctl
  Format agnostic SBOM tooling
  ☆121Updated this week
• quay / claircore
  foundation modules for scanning container packages and reporting vulnerabilities
  ☆147Updated last week
• kubevirt / project-infra
  Project infrastructure administrative tools
  ☆35Updated last week
• spdx / ntia-conformance-checker
  Check SPDX SBOM for NTIA minimum elements
  ☆73Updated this week
• nyph-infosec / daggerboard
  ☆102Updated last year
• openvex / spec
  OpenVEX Specification
  ☆161Updated 5 months ago