xeol-io / xeolLinks
A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs
☆413Updated this week
Alternatives and similar repositories for xeol
Users that are interested in xeol are comparing it to the libraries listed below
Sorting:
- Evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more☆492Updated this week
- A security layer for Git repositories☆546Updated this week
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…☆497Updated this week
- Open source compliance tool for development platforms.☆287Updated last year
- Evaluate source control (GitHub) security posture☆251Updated 2 years ago
- Inspect certificate authorities in container images☆237Updated this week
- Software Supply Chain Security Platform☆352Updated this week
- A license scanner for container images and filesystems.☆109Updated last week
- An open source, cloud-native security to protect everything from build to runtime☆319Updated this week
- boostsecurityio/poutine☆332Updated last week
- Runtime Security Solution for your CI/CD Pipeline☆109Updated 3 months ago
- Validate the isolation posture of your container environment.☆299Updated last month
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆111Updated last month
- SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor…☆181Updated this week
- BadRobot - Operator Security Audit Tool☆223Updated this week
- A tool to create, transform and attest VEX metadata☆155Updated last week
- Enrich SBOMs with data from third party services☆195Updated last month
- Flowpipe is a cloud scripting engine. Automation and workflow to connect your clouds to the people, systems and data that matters.☆438Updated last week
- ☆246Updated 2 weeks ago
- Verify provenance from SLSA compliant builders☆285Updated 2 months ago
- Generate a score for your sbom to understand if it will actually be useful.☆233Updated last year
- Throw a tag at it and it comes back with a checksum.☆150Updated this week
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆231Updated this week
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆815Updated 6 months ago
- (D)ocker(F)ile (C)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆89Updated last week
- OpenVEX Specification☆158Updated 4 months ago
- The security workflow engine!☆122Updated last week
- sbomqs: The Comprehensive SBOM Quality & Compliance Tool☆245Updated last week
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆87Updated last week
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Updated 2 years ago