The Wayback Machine - https://web.archive.org/web/20230326102026/https://github.com/topics/software-supply-chain-security

#

software-supply-chain-security

Here are 18 public repositories matching this topic...

aquasecurity / chain-bench

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

go golang security cis software-supply-chain vulnera security-tools devsecops misconfiguration open-policy-agent software-supply-chain-security

Updated Mar 19, 2023
Go

DataDog / guarddog

🐍 🔍 GuardDog is a CLI tool to Identify malicious PyPI and npm packages

python npm python-security pypi-packages npm-packages malicious-packages software-supply-chain-security

Updated Mar 21, 2023
Python

bureado / awesome-software-supply-chain-security

A compilation of resources in the software supply chain security domain, with emphasis on open source

static-analysis awesome-list security-vulnerability dependencies vulnerability-management software-supply-chain cve-scanning attestation package-management reproducible-builds devsecops software-composition-analysis vulnerability-scanning dependency-management oss-compliance sbom supply-chain-security supply-chain-attacks software-supply-chain-security

Updated Nov 14, 2022

in-toto / attestation

in-toto Attestation Framework (ITE-6)

software-supply-chain-security

Updated Mar 24, 2023
Go

argoproj-labs / argocd-interlace

Enabling Software Supply Chain Security Capabilities in ArgoCD

argocd in-toto sigstore software-supply-chain-security

Updated Nov 4, 2022
Go

phylum-dev / birdcage

Cross-platform embeddable sandboxing

security sandbox malware security-tools software-supply-chain-security secure-software-supply-chain

Updated Feb 7, 2023
Rust

phylum-dev / cli

Command line interface for the Phylum API

rust cli security malware supply-chain vulnerabilities software-supply-chain malware-detection security-scan software-supply-chain-security secure-software-supply-chain

Updated Mar 24, 2023
Rust

meta-fun / awesome-software-supply-chain-security

Sharing software supply chain security open source projects

kubernetes security devops dependency-analysis supply-chain cicd software-supply-chain security-tools software-composition-analysis vulnerability-scanner sast sbom supply-chain-security software-supply-chain-security

Updated Dec 19, 2022

DataDog / malicious-software-packages-dataset

An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.

dataset malicious-packages software-supply-chain-security guarddog

Updated Mar 24, 2023
Python

rewanthtammana / sigstore-the-easy-way

Software signing just got easier

guide sigstore software-supply-chain-security

Updated Nov 29, 2022
HTML

assuremoss / lastpymile

A reimplementation of LastPyMile: A Python-based library to Identify the differences between build artifacts of PyPI packages and the respective source code repository

pypi-packages software-supply-chain-security

Updated Jan 8, 2022
Python

IntelLabs / supply-chain-attribute-integrity

The Software Supply Chain Attribute Integrity, or SCAI (pronounced "sky"), specification proposes a data format for capturing functional attribute and integrity information about software artifacts and their supply chain.

integrity metadata-api software-supply-chain-security

Updated Feb 14, 2023
Python

paulveillard / cybersecurity-software

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Software in Cybersecurity

software-engineering software-development software-testing software-supply-chain software-security software-factory software-team software-supply-chain-security

Updated Mar 8, 2023

listendev / lstn

A CLI tool to analyze the behavior of your dependencies using listen.dev

npm security dependencies o11y behavioral-analysis software-supply-chain-security

Updated Mar 24, 2023
Go

in-toto / community

in-toto is a framework to secure the software supply chain.

cncf software-supply-chain in-toto software-supply-chain-security

Updated Mar 7, 2023

toddysm / cssc-pipeline

Sample CI/CD pipeline for creating container images with provenance details.

containers signatures software-supply-chain signature-verification notary sigstore software-supply-chain-security

Updated Jan 25, 2023
Python

zafararslan / Cybersecurity

End-to-End Cybersecurity

cybersecurity cloudsecurity devsecops data-security cloud-native-security software-supply-chain-security

Updated Nov 10, 2022

santiago-mooser / Software-supply-chain-security

Capstone project assessing the current state of the software supply chain in open-source projects

python docker supply-chain software-supply-chain final-year-project software-supply-chain-security

Updated Mar 26, 2023
Python

Improve this page

Add a description, image, and links to the software-supply-chain-security topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the software-supply-chain-security topic, visit your repo's landing page and select "manage topics."