sca · GitHub Topics | GitHub 中文社区

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

owasp appsec security bom vulnerabilities component-analysis nvd software-security software-composition-analysis sca

Java2.71 k

2 天前

pay

@pay-rails

Payments for Ruby on Rails apps

翻译 - Ruby on Rails的订阅引擎。

subscription stripe pay engine rails payment-provider braintree sca paddle payments

Ruby1.97 k

1 天前

OpenSCA-cli

@XmirrorSecurity

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...

翻译 - OpenSCA 是一种软件组合分析 (SCA) 解决方案，支持检测开源组件依赖项和漏洞。

sca devsecops opensca security

Go1.09 k

1 个月前

log4j-detector

@mergebase

A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instan...

翻译 - 在任何应用程序的文件系统上检测易受攻击的 log4j 版本。它甚至能够找到隐藏在几层深处的实例。适用于 Linux、Windows 和 Mac，也适用于 Java 运行的其他任何地方！

log4j cve-2021-44228 cve-2021-45046 cybersecurity sca pentest log4shell scanner detector cve-2021-45105

Java638

3 年前

cdxgen

@CycloneDX

Creates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI//CD pipeline with automatic s...

bom sca cyclonedx sbom docker oci containers owasp package-url purl

JavaScript279

1 年前