openRiskScore VS ElectricEye

What are some alternatives?

flower - Flower: A Friendly Federated Learning Framework

consoleme - A Central Control Plane for AWS Permissions and Access

scorecard - OpenSSF Scorecard - Security health metrics for Open Source

dep-scan - OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

FATE - An Industrial Grade Federated Learning Framework

prowler - Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

Lynx - A very light weight dependency graph for systems with massive calculation complexities or scheduling systems

faraday_plugins - Security tools report parsers for Faradaysec.com

tern - Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.

AWSXenos - AWSXenos will list all the trust relationships in all the IAM roles and S3 buckets

Open-Risk-Manual-PdfBooks - Collection of PdfBooks extracted from the Open Risk Manual

checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.