swinslow / npm-spdx

Related projects ⓘ

Alternatives and complementary repositories for npm-spdx

• fugue / regula-ci-example
  ☆13Updated last year
• darkbitio / tools
  Darkbit Cloud Security Tools
  ☆25Updated 3 years ago
• ossf / ossf-landscape
  ☆26Updated this week
• tacosframework / TACOS-spec
  TACOS framework structural details
  ☆19Updated 11 months ago
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated 9 months ago
• omnibor / site
  Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
  ☆21Updated 2 weeks ago
• aws-observability / amp-eks-iam
  Tool providing easy IAM setup on EKS for Amazon Managed Service for Prometheus (AMP) users.
  ☆11Updated last year
• wolfi-dev / advisories
  Security advisory data for Wolfi
  ☆13Updated this week
• ComplianceAsCode / auditree-harvest
  The Auditree data gathering and reporting tool.
  ☆13Updated 2 months ago
• philips-labs / slsa-provenance-action
  Github Action implementation of SLSA Provenance Generation
  ☆47Updated this week
• square / spiffe-aws-assume-role
  This tool allows using a SPIFFE JWT to authenticate to AWS APIs
  ☆35Updated 5 months ago
• turbot / steampipe-mod-aws-well-architected
  Are AWS Well-Architected best practices being followed? Use Powerpipe and Steampipe to check if your AWS accounts are following best prac…
  ☆11Updated 2 weeks ago
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆21Updated last year
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆15Updated this week
• jetstack / cert-manager-nginx-plus-lab
  Lab demonstrating cert-manager, nginx-plus and Venafi
  ☆19Updated 4 years ago
• latacora / remediate-AWS-IMDSv1
  Simple tool to identify and remediate the use of the AWS EC2 IMDSv1.
  ☆16Updated 3 years ago
• octo-sts / action
  ☆30Updated last week
• docker-archive / oscalkit
  NIST OSCAL SDK and CLI
  ☆36Updated 4 years ago
• chainguard-dev / justtrustme
  ☆51Updated 8 months ago
• uchi-mata / dostainer
  ☆29Updated 3 years ago
• chainguard-dev / github-audit-alerter
  Slack alert bot for matching Github Audit Events
  ☆10Updated last week
• awslabs / yesiscan
  Automatic license scanning and reports!
  ☆15Updated last year
• ramimac / breach-list-database
  A meta-database collecting resources that compile lists of breaches
  ☆18Updated last week
• mhausenblas / aws-container-security-survey-2020
  AWS container security survey 2020
  ☆11Updated 3 years ago
• chainguard-dev / maxcve
  ☆18Updated 7 months ago
• artis3n / course-vault-github-oidc
  Take this course to learn how to create fine-grained, least-privilege HashiCorp Vault roles for GitHub Action workflows using GitHub OIDC…
  ☆13Updated 7 months ago
• slsa-framework / github-actions-demo
  Proof-of-concept SLSA provenance generator for GitHub Actions
  ☆99Updated 2 years ago
• appvia / cosign-keyless-admission-webhook
  Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
  ☆22Updated last week