sbom topic

List sbom repositories

meta-package-manager

443
Stars
33
Forks
Watchers

🎁 wraps all package managers with a unifying CLI

verified publisher icon kdeldycke

sbom-operator

182
Stars
24
Forks
Watchers

Catalogue all images of a Kubernetes cluster to multiple targets with Syft

verified publisher icon ckotzbauer

vulnerability-operator

77
Stars
10
Forks
Watchers

Scans SBOMs for vulnerabilities with Grype

verified publisher icon ckotzbauer

scancode-toolkit

2.0k
Stars
532
Forks
Watchers

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nl...

verified publisher icon nexB

lunasec

1.4k
Stars
162
Forks
Watchers

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTra...

verified publisher icon lunasec-io

it-depends

319
Stars
20
Forks
Watchers

A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

verified publisher icon trailofbits

zarf

1.2k
Stars
143
Forks
Watchers

DevSecOps for Air Gap & Limited-Connection Systems. https://zarf.dev/

verified publisher icon defenseunicorns

dependency-track

2.4k
Stars
517
Forks
Watchers

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

verified publisher icon DependencyTrack

tern

942
Stars
187
Forks
Watchers

Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-...

verified publisher icon tern-tools

ort

1.5k
Stars
294
Forks
Watchers

A suite of tools to automate software compliance checks.

verified publisher icon oss-review-toolkit