DevSecOps for Air Gap & Limited-Connection Systems. https://zarf.dev/
Updated May 22, 2024 - Go
A suite of tools to automate software compliance checks.
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
A secure Multi-Tenant, Cloud Native, Micro Service application management platform
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Slack: https://cyclonedx.slack.com/archives/C04NFFE1962
Inventory container image packages in .NET
Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects
Modular framework for SBOM generation that gathers file information and analyzes dependencies
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.
The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
Core functionality of OWASP CycloneDX for JavaScript (Node.js or WebBrowser) written in TypeScript.
Sample Go application project with supply chain security workflows conforming to the SLSA Build Level 3 specification
The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.
Reliable Energy Analytics LLC Downloads