sbom topic

List sbom repositories

specification

446
Stars
79
Forks
446
Watchers

OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and V...

cyclonedx-maven-plugin

275
Stars
83
Forks
Watchers

Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

syft

5.6k
Stars
511
Forks
Watchers

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

cargo-auditable

579
Stars
25
Forks
Watchers

Make production Rust binaries auditable

component-detection

385
Stars
81
Forks
Watchers

Scans your project to determine what components you use

awesome-sbom

431
Stars
56
Forks
Watchers

A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles

reuse-tool

356
Stars
134
Forks
Watchers

reuse is a tool for compliance with the REUSE recommendations.

dep-scan

889
Stars
88
Forks
Watchers

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container ima...

kubeclarity

1.3k
Stars
157
Forks
Watchers

KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems

HummerRisk

1.5k
Stars
237
Forks
Watchers

HummerRisk is a cloud-native security platform, covering hybrid-cloud security governance and cloud-native security detection.