Dependency-Track is an intelligent Component Analysis platform that allo...
ScanCode detects licenses, copyrights, dependencies by "scanning c...
Payments for Ruby on Rails apps
An open source tool focused on software supply chain security. 墨菲安全...
A suite of tools to automate software compliance checks.
OpenSCA is an open source software supply chain security solution that s...
OWASP dep-scan is a next-generation security and risk audit tool based o...
A public open sourced tool. Log4J scanner that detects vulnerable Log4J...
A simple Java command-line utility to mirror the CVE JSON data from NIST.
prancer platform is an IaC Security engine + Continuous Compliance for y...
Used to detect whether the third-party dependency components of a Maven project contain security vulnerabilities.
ScanCode.io is a server to script and automate software composition anal...
A curated list of Software Component Analysis (SCA) books, courses - fre...
Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning
Detections for CVE-2021-44228 inside of nested binaries