KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems
Updated Aug 6, 2024 - Go
GUAC aggregates software security metadata into a high fidelity graph database.
Software Supply Chain Transparency Log
Go implementation of The Update Framework (TUF)
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
Official GitHub Action for OpenSSF Scorecard.
Software Supply Chain Security Platform
boostsecurityio/poutine
A tool to create, transform and attest VEX metadata
Throw a tag at and it comes back with a checksum.
Go implementation of Centrifuge POD (Private Off-chain Data) node
Example goreleaser + github actions config with keyless signing and SBOM generation
fatbom (Fat Bill Of Materials) is a tool which combines the SBOMs generated by various tools into one fat SBOM, thus leveraging each tool's strength.
A P2P blockchain network created using Golang!
Cryptographic, immutable, append only software release ledger.
Hyperledger Fabric network for IoT enabled permissioned blockchain with sensor requirements control Smart Contracts
Embedded IoT sensor system for harvesting environment data and publishing it onto the permissioned blockchain network