OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure
Updated Sep 30, 2024 - Go
GUAC aggregates software security metadata into a high fidelity graph database.
Software Supply Chain Transparency Log
Go implementation of The Update Framework (TUF)
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
Official GitHub Action for OpenSSF Scorecard.
Software Supply Chain Security Platform
boostsecurityio/poutine
A tool to create, transform and attest VEX metadata
Throw a tag at it and it comes back with a checksum.
Go implementation of Centrifuge POD (Private Off-chain Data) node
Example goreleaser + github actions config with keyless signing and SBOM generation
fatbom (Fat Bill Of Materials) is a tool which combines the SBOMs generated by various tools into one fat SBOM, thus leveraging each tool's strength.
KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems
A P2P blockchain network created using Golang!
Cryptographic, immutable, append only software release ledger.
Hyperledger Fabric network for IoT enabled permissioned blockchain with sensor requirements control Smart Contracts