Software Component Verification Standard (SCVS)

中央競馬に出走する母父キングヘイローの競走馬を一覧にしたページ

This is the GitHub repo of the OpenChain SBOM Study Group

Revealjs vsCode extension

Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time threat information, gain a competitive advantage, and stay infor…

OASIS Open Command and Control (OpenC2) TC: Configuration management and version control for developing the OpenC2 Software Bill of Materials (SBoM) actuator profile. https://github.com/oasis-tcs/o…

Black Duck Docker Orchestration Files/Documentation

Scanning and analysis for Black Duck SCA products.

terasoluna.org website

脆弱性トリアージガイドライン作成の手引き

A standard API specification for exchanging supply chain artifacts and intelligence

Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.

Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)

Generation of diagrams like flowcharts or sequence diagrams from text in a similar manner as markdown

A repo to conduct vulnerability enrichment.

SPDX Tools

SW360 project

CSVDLTool is a tool that can export information on vulnerabilities and libraries in CSV format.

Government Interoperability Framework

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

書籍『AIセキュリティから学ぶ ディープラーニング［技術］入門]』(技術評論者発行)で利用するソースコードを掲載しています（公式）。

Find & pull public SBOMs

Scraper for daily renewal of the Known Exploited Vulnerabilities Catalog by CISA

OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure