GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → CERTCC → SBOM

CERTCC / SBOM

Licence: MIT license
Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data

Programming Languages

javascript
184084 projects - #8 most used programming language
HTML
75241 projects
CSS
56736 projects

Labels

bill-of-materialssbomsbom-generator

Projects that are alternatives of or similar to SBOM

cyclonedx-dotnet
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Stars: ✭ 110 (+189.47%)
Mutual labels:  bill-of-materials, sbom, sbom-generator
cyclonedx-cli
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Stars: ✭ 154 (+305.26%)
Mutual labels:  bill-of-materials, sbom, sbom-generator
cyclonedx-gomod
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
Stars: ✭ 27 (-28.95%)
Mutual labels:  bill-of-materials, sbom, sbom-generator
cyclonedx-maven-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Stars: ✭ 103 (+171.05%)
Mutual labels:  bill-of-materials, sbom, sbom-generator
cyclonedx-python
Creates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
Stars: ✭ 78 (+105.26%)
Mutual labels:  bill-of-materials, sbom, sbom-generator
cyclonedx-php-composer
Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Stars: ✭ 20 (-47.37%)
Mutual labels:  bill-of-materials, sbom, sbom-generator
lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+3218.42%)
Mutual labels:  sbom, sbom-generator
specification
Software Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
Stars: ✭ 129 (+239.47%)
Mutual labels:  bill-of-materials, sbom
awesome-sbom
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
Stars: ✭ 164 (+331.58%)
Mutual labels:  sbom, sbom-generator
cyclonedx-node-module
creates CycloneDX Software Bill of Materials (SBOM) from node-based projects
Stars: ✭ 104 (+173.68%)
Mutual labels:  sbom
dep-scan
Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (+810.53%)
Mutual labels:  sbom
KiCost
Build cost spreadsheet for a KiCad project.
Stars: ✭ 376 (+889.47%)
Mutual labels:  bill-of-materials
cdxgen
Creates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI//CD pipeline with automatic submission to Dependency Track server.
Stars: ✭ 75 (+97.37%)
Mutual labels:  sbom
meta-package-manager
🎁 a wrapper around all package managers
Stars: ✭ 277 (+628.95%)
Mutual labels:  sbom
sbom-operator
Catalogue all images of a Kubernetes cluster to multiple targets with Syft
Stars: ✭ 114 (+200%)
Mutual labels:  sbom
cas
Codenotary Community Attestation Service (CAS) for notarization and authentication of digital artifacts
Stars: ✭ 137 (+260.53%)
Mutual labels:  sbom-generator

SBOM

A "Software Bill of Materials" (SBOM) is effectively a nested inventory, a list of ingredients that make up software components. You can learn more about SBOM at https://www.ntia.gov/sbom. There are several links to community developed documents in the NTIA's website.

SwiftBOM a SBOM generator tool here is part of CERT's work in supporting SBOM generation efforts for Proof-of-Concepts and Demo purposes. This tool is currently being explored by Healthcare Proof of Concept teams for their PoC efforts.

The SwiftBOM has some live demo that you can run to see SBOM generation supported by the tool. The tool also has some limited import capability to accept SBOM input and provide multiple format outputs.

SBOM Formats

SwiftBOM currently generates SBOM in SPDX, CycloneDX and SWID formats. A tree graph is also generated by SwiftBOM that can be downloaded as a PNG file to quickly visualize relationships between components in an SBOM. Currently the tool uses CONTAINS as the default relationship mode (SWID Relationships)[https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/#71-relationship]. A generated SBOM in all three formats is currently a standalone document and does not support external relationships.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].