sbom topic

List sbom repositories

meta-package-manager

442
Stars
33
Forks

🎁 wraps all package managers with a unifying CLI

sbom-operator

181
Stars
24
Forks

Catalogue all images of a Kubernetes cluster to multiple targets with Syft

vulnerability-operator

77
Stars
10
Forks

Scans SBOMs for vulnerabilities with Grype

scancode-toolkit

2.0k
Stars
530
Forks

🔍 ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nl...

lunasec

1.4k
Stars
162
Forks

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTra...

it-depends

318
Stars
19
Forks

A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

zarf

1.2k
Stars
142
Forks

DevSecOps for Air Gap & Limited-Connection Systems. https://zarf.dev/

dependency-track

2.4k
Stars
512
Forks

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

tern

940
Stars
185
Forks

Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-...

ort

1.5k
Stars
293
Forks

A suite of tools to automate software compliance checks.