
awesomeSBOM / awesome-sbom

Licence: other
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles

Projects that are alternatives of or similar to awesome-sbom

cyclonedx-dotnet
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Stars: ✭ 110 (-32.93%)
Mutual labels:  software-bill-of-materials, sbom, sbom-generator
cyclonedx-cli
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Stars: ✭ 154 (-6.1%)
Mutual labels:  software-bill-of-materials, sbom, sbom-generator
cyclonedx-gomod
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
Stars: ✭ 27 (-83.54%)
Mutual labels:  software-bill-of-materials, sbom, sbom-generator
cyclonedx-maven-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Stars: ✭ 103 (-37.2%)
Mutual labels:  software-bill-of-materials, sbom, sbom-generator
cyclonedx-python
Creates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
Stars: ✭ 78 (-52.44%)
Mutual labels:  software-bill-of-materials, sbom, sbom-generator
cyclonedx-php-composer
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Stars: ✭ 20 (-87.8%)
Mutual labels:  software-bill-of-materials, sbom, sbom-generator
SBOM
Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
Stars: ✭ 38 (-76.83%)
Mutual labels:  sbom, sbom-generator
cyclonedx-node-module
creates CycloneDX Software Bill of Materials (SBOM) from node-based projects
Stars: ✭ 104 (-36.59%)
Mutual labels:  software-bill-of-materials, sbom
lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+668.9%)
Mutual labels:  sbom, sbom-generator
specification
Software Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
Stars: ✭ 129 (-21.34%)
Mutual labels:  software-bill-of-materials, sbom
meta-package-manager
🎁 a wrapper around all package managers
Stars: ✭ 277 (+68.9%)
Mutual labels:  sbom
sbom-operator
Catalogue all images of a Kubernetes cluster to multiple targets with Syft
Stars: ✭ 114 (-30.49%)
Mutual labels:  sbom
dep-scan
Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (+110.98%)
Mutual labels:  sbom
OpossumUI
A light-weight app to audit and inventory large codebases for open source license compliance.
Stars: ✭ 32 (-80.49%)
Mutual labels:  software-bill-of-materials
cdxgen
Creates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server.
Stars: ✭ 75 (-54.27%)
Mutual labels:  sbom
cas
Codenotary Community Attestation Service (CAS) for notarization and authentication of digital artifacts
Stars: ✭ 137 (-16.46%)
Mutual labels:  sbom-generator

awesome-sbom

A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles

What is an SBOM (Software Bill Of Materials)?

From Wikipedia:

A software bill of materials (SBOM) is a list of components in a piece of software. Software vendors often create products by assembling open source and commercial software components. The SBOM describes the components in a product. It is analogous to a list of ingredients on food packaging: where you might consult a label to avoid foods that may cause allergies, SBOMs can help companies avoid consumption of software that could harm their organization.

The concept of a BOM is well-established in traditional manufacturing as part of supply chain management. A manufacturer uses a BOM to track the parts it uses to create a product. If defects are later found in a specific part, the BOM makes it easy to locate affected products.

Contents

Official projects

Articles and Blogs

  • Wikipedia - Official Wikipedia Page
  • NTIA - Official National Telecommunications and Information Administration Page
  • What is an SBOM? - The Linux Foundation Article

Repositories

SPDX

Community Repositories

Security Tools

  • bomber - bomber is an application that scans SBoMs for security vulnerabilities.

Articles and Blogs

Videos

Slides

Podcasts

None yet, please contribute!
