mainframe application portfolio analysis, antlr4 grammars and java for static analysis of cobol+cics+db2+sqlims+execdli, jcl
Updated May 24, 2024 - ANTLR
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Slack: https://cyclonedx.slack.com/archives/C04NFFE1962
Make production Rust binaries auditable
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Inventory container image packages in .NET
🎁 wraps all package managers with a unifying CLI
A suite of tools to automate software compliance checks.
SBOM quality score - Quality metrics for your SBOMs
VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities
Create CycloneDX Software Bill of Materials (SBOM) from Node.js Yarn projects.
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
DevSecOps for Air Gap & Limited-Connection Systems. https://zarf.dev/
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX
Core functionality of OWASP CycloneDX for JavaScript (Node.js or WebBrowser) written in TypeScript.
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs
A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.
Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD services. It can be used to prevent supply chain attacks or check conformance to frameworks, such as SLSA.