OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.

OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX

RPM/SWID vulnerability scanner

SWID and CoSWID manipulation library

A simple webapp that provides guidance on and creates Package URLs of type "swid"

Generate Software ID (SWID) Tag online, according to ISO/IEC 19770-2:2015

Utilities for firmware SBoMs

RxSwift 해봅시다 🧑‍💻

[WIP] Utilities for embedding CoSWID tags in EFI binaries - written on Zig