A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the web.
Updated Jan 28, 2024
Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.
TuxCare SecureChain enhances Java supply chain security through vetted libraries, vulnerability fixes, and extended support. Ideal for enterprise-level compliance and secure development.
Securiskan: Scan files for malware. Secure your digital space.
Apache OFBiz Auth Bypass Scanner for CVE-2023-51467
Comprehensive Exploit Chain for Multiple Vulnerabilities in VinChin Backup & Recovery <= 7.2
Bitbucket pipe to generate a CycloneDX sBOM for node/npm projects
Studying open source security resources in SUA
A Bitbucket Pipe containing a collection of open source tools to perform various types of additional analysis on a CycloneDX or SPDX sBOM (Software Bill of Materials).
Bitbucket pipe to generate a CycloneDX sBOM for Java, Go, Python & Node projects
GitHub Action to install phylum CLI tool
Preventing sensitive data from being pushed to a repository | Removing traces of the sensitive data | GitHub vulnerability alerts| Fixing vulnerable dependencies | Security policy | .gitignore | Tracing sensitive data