1 repo
Awesome GitHub RepositoriesSoftware Composition Analysis Tools
Security utilities that detect open source dependencies and licenses to manage supply chain risks.
Distinguishing note: Focuses on dependency management and license compliance.
Explore 1 awesome GitHub repository matching security & cryptography · Software Composition Analysis Tools. Refine with filters or upvote what's useful.
Awesome Software Composition Analysis Tools GitHub Repositories
Find the best repos with AI.We'll search the best matching repositories with AI.
- aquasecurity/trivy
aquasecurity/trivy
32,026View on GitHubTrivy is a comprehensive security scanner designed to identify vulnerabilities and misconfigurations across container images, filesystems, and infrastructure as code files. It functions as a software composition analysis tool and an infrastructure security scanner, providing automated checks for CI/CD pipelines and cloud environments to ensure the integrity of the software supply chain. The tool distinguishes itself through a modular, plugin-based architecture that allows for the independent inspection of diverse targets. It utilizes a declarative policy engine to evaluate configurations agai
Detects open source dependencies and licenses to manage supply chain risks.
Gocontainersdevsecopsdocker
