CycloneDX SBOM Model and Utils for Creating and Validating BOMs
Updated Jun 18, 2024 - Java
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
A Java project with obsolete hashing methods - for testing code-analysis tools
GitHub app for SBOM creation using cdxgen and upload to Dependency-Track
Main repository for the official Dependency-Track Jenkins plugin
This repository contains a SonarQube Plugin that detects cryptographic assets in source code and generates CBOM.
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
Java library which implements the Java object model for SPDX and provides useful helper functions
Lockheed Martin developed utility to generate CycloneDX SBOMs for Linux distributions
Lockheed Martin developed common SBOM library
Lucy is a component analysis platform to minimize the risk of license infringements and to support and optimize the license compliance process.
SBOM-in-a-Box is a unified platform to promote the production, consumption, and utilization of Software Bills of Materials.
This repo accumulates underlying data and analysis results for assessing the current landscape of open-source and proprietary tools related to Software Bill of Materials (SBOM). We additionally compiled our findings into a comprehensive spreadsheet detailing 86 tools and their use cases.
HummerRisk is a cloud-native security platform, covering hybrid-cloud security governance and cloud-native security detection.
PlugFest-in-a-Box is a powerful tool to reveal key areas of difference between several Software Bills of Materials (SBOMs) and apply thorough metrics to identify any and all quality issues.
This repo contains the technology stack and its usage for software supply chain security of a Java application