xeol-io / xeolLinks
A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs
☆394Updated last week
Alternatives and similar repositories for xeol
Users that are interested in xeol are comparing it to the libraries listed below
Sorting:
- Evaluate source control (GitHub) security posture☆249Updated 2 years ago
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆477Updated 2 weeks ago
- Open source compliance tool for development platforms.☆286Updated last year
- Software Supply Chain Security Platform☆337Updated this week
- boostsecurityio/poutine☆279Updated this week
- Generate a score for your sbom to understand if it will actually be useful.☆229Updated 9 months ago
- A security layer for Git repositories☆525Updated this week
- BadRobot - Operator Security Audit Tool☆220Updated 2 weeks ago
- Evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more☆455Updated this week
- Next Generation Software Composition Analysis (SCA) with Malicious Package Detection, Code Context & Policy as Code☆399Updated this week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆569Updated 2 months ago
- ☆236Updated 2 weeks ago
- Search an SBOM for licenses and the packages they belong to☆88Updated this week
- Enrich SBOMs with data from third party services☆173Updated 2 months ago
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati…☆170Updated 4 months ago
- Inspect certificate authorities in container images☆234Updated last week
- Runtime Security Solution for your CI/CD Pipeline☆104Updated 2 months ago
- Notice: Postee is no longer under active development or maintenance.☆211Updated this week
- A universal SBOM representation in protocol buffers☆288Updated this week
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆96Updated last week
- An open source, cloud-native security to protect everything from build to runtime☆301Updated this week
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆192Updated this week
- A tool to create, transform and attest VEX metadata☆138Updated last week
- OpenVEX Specification☆150Updated 2 months ago
- SBOM Assess - Evaluate SBOM quality and compliance☆211Updated last week
- open source, cloud-native, graph-based asset inventory☆350Updated this week
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆110Updated 2 weeks ago
- Verify provenance from SLSA compliant builders☆262Updated last week
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆809Updated 2 months ago
- A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalo…☆376Updated 8 months ago