CLI tool and library for generating a Software Bill of Materials from container images and filesystems
-
Updated
Aug 23, 2022 - Go
#
sbom
Here are 107 public repositories matching this topic...
licensing
packages
open-source-licensing
provenance
dependencies
license
spdx
spdx-license
copyright
sca
spdx-licenses
license-checking
license-scan
copyright-scan
software-composition-analysis
oss-compliance
purl
package-url
sbom
-
Updated
Aug 23, 2022 - Python
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
security
owasp
bom
vulnerabilities
vulndb
appsec
component-analysis
nvd
vulnerability-detection
sca
software-security
security-automation
devsecops
software-composition-analysis
bill-of-materials
ossindex
purl
package-url
sbom
cyclonedx
-
Updated
Aug 24, 2022 - Java
LunaSec - Open Source AppSec platform that automatically notifies you the next time vulnerabilities like Log4Shell or node-ipc happen. Track your dependencies and builds in a centralized service. Get started in one-click via our GitHub App or host it yourself. https://github.com/apps/lunatrace-by-lunasec/
security
dependency-analysis
cybersecurity
pci-dss
web-security
compliance
hardening
scanning
cve-scanning
tokenization
gdpr
security-tools
devsecops
zero-trust
soc2
privacy-by-design
sbom
scanning-tool
sbom-generator
log4shell
-
Updated
Aug 22, 2022 - TypeScript
A suite of tools to assist with reviewing Open Source Software dependencies.
package-manager
open-source-licensing
foss
dependency-graph
provenance
compliance
dependencies
license
spdx
copyright
hacktoberfest
license-management
license-checking
license-scan
package-scan
copyright-scan
open-chain-project
oss-compliance
sbom
sbom-generator
-
Updated
Aug 23, 2022 - Kotlin
The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.
-
Updated
Aug 23, 2022 - C#
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
python
docker
open-source
tool
containers
compliance
dependencies
spdx
metadata-extraction
risk-management
software-composition-analysis
oss-compliance
sbom
supply-chain-security
-
Updated
Jul 26, 2022 - Python
KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems
kubernetes
security
scanner
supply-chain
vulnerabilities
sbom
kubernetes-security
effortless-integrations
-
Updated
Aug 24, 2022 - Go
DevSecOps for Air Gap & Limited-Connection Systems. https://zarf.dev/
government
docker
kubernetes
helm
docker-registry
oci
k8s
cloud-native
dod
airgap
gitops
kustomize
sbom
k3s
cosign
-
Updated
Aug 24, 2022 - Go
Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI, Google CloudBuild. No server required!
docker
containers
dependency-analysis
cve
sca
vulnerability-scanners
sbom
risk-audit
dependency-audit
-
Updated
Jun 21, 2022 - Python
A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.
dependency-analysis
dependency-graph
hacktoberfest
vulnerability-scanner
sbom
hacktoberfest2021
sbom-generator
-
Updated
Jul 29, 2022 - Python
Scans your project to determine what components you use
static-analysis
dependencies
package-management
software-composition-analysis
software-bill-of-materials
sbom
-
Updated
Aug 24, 2022 - C#
HummerRisk 是云原生安全检测平台。
security
cloud
cloud-native
nuclei
cve
nvd
xray
cvss
tsunami
cloud-custodian
syft
dependency-check
prowler
sbom
cnsp
cspm
vlun
grype
cloud-native-security
-
Updated
Aug 23, 2022 - Java
Software Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
component
supply-chain
owasp
specification
standard
bom
software
vex
license
spdx
cpe
software-security
swid
bill-of-materials
software-bill-of-materials
sbom
cyclonedx
obom
mbom
saasbom
-
Updated
Aug 13, 2022 - XSLT
Make production Rust binaries auditable
-
Updated
Aug 19, 2022 - Rust
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
-
Updated
Jul 14, 2022
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
maven
owasp
maven-plugin
bom
vex
spdx
bill-of-materials
software-bill-of-materials
purl
package-url
sbom
cyclonedx
sbom-generator
obom
mbom
saasbom
-
Updated
Aug 15, 2022 - Java
Improve this page
Add a description, image, and links to the sbom topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the sbom topic, visit your repo's landing page and select "manage topics."