Scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
The SBOM tool is a highly scalable and enterprise-ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.
A suite of tools to automate software compliance checks.
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTra...
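LunaSec - A security and compliance SDK that prevents data leaks in software. With just a few lines of code, LunaSec adds a zero-trust architecture, unique per-record encryption, and protection against common security issues such as XSS, SQL injection and RCE to your stack. Try it live here: https://app.lunasec.dev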
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
A suite of utilities to help with software supply chain challenges on nix targets
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
Creates CycloneDX Software Bill of Materials (SBOM) from node-based projects
Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects
Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Oper...
Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
Nix CycloneDX Software Bills of Materials (SBOMs)
Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and potenti...
SBOM Assembler - A tool to edit an SBOM or assemble multiple SBOMs into a single SBOM.