Stars
A Go-based CLI tool to automate the upload and lifecycle management of Software Bill of Materials (SBOM) in OWASP Dependency-Track.
Functionality and DataModels of OWASP CycloneDX for Python
A Python tool to enrich CycloneDX VEX (Vulnerability Exploitability eXchange) documents exported from Endor Labs with detailed exception policy metadata, including impact analysis state, justificat…
PowerShell module to manage SPDX licences
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Enriches CycloneDX Software Bills of Materials (SBOM) with predefined data
Software Bill-of-Materials documents for Python packages
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container …
Utility that turns Bazel-built jars into Maven-compatible artifacts
Library to ingest and generate VEX documents
Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents
SBOM Search - Context aware search in SBOM repositories
Transform SBOM contents into a formatted document including markdown and PDF formats
Tool for creating, modifying and validating CycloneDX SBOMs.
Generate a score for your SBOM to understand if it will actually be useful.
Search for Common Platform Enumeration (CPE) strings using software names and titles.
Tool to guess CPE name based on common software name
App that simplifies building decision trees to model adverse scenarios
A graphical user interface tool used to create MAL instance models
A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.
An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
Security automation content in SCAP, Bash, Ansible, and other formats