tern VS awesome-security-GRC

Compare tern vs awesome-security-GRC and see what are their differences.

tern

Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more. (by tern-tools)
Python Containers oss-compliance sbom Docker Compliance spdx Tool Dependencies software-composition-analysis risk-management open-source supply-chain-security metadata-extraction
Source Code
Suggest alternative
Edit details

awesome-security-GRC

Curated list of resources for security Governance, Risk Management, Compliance and Audit professionals and enthusiasts (if they exist). (by Arudjreis)
risk-management grc Security Compliance Governance Audit
Source Code
Suggest alternative
Edit details
InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors
tern awesome-security-GRC
1 2
932 531
0.5% -
3.2 1.7
about 2 months ago 3 months ago
Python
BSD 2-clause "Simplified" License -
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

tern

Posts with mentions or reviews of tern. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-06-30.
  • Learn by reading code: Python standard library design decisions explained
    4 projects | news.ycombinator.com | 30 Jun 2021
    A project you may want to look into adding is Tern [0]. I've had a good time reading through the code over the past couple of weeks, and have found it to be at least not "bad" code, and pretty easy to understand.

    Specifically how they are untarring each container layer and creating a chroot jail to run commands inside is fairly self-contained and interesting.

    [0] https://github.com/tern-tools/tern

awesome-security-GRC

Posts with mentions or reviews of awesome-security-GRC. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-11-12.

What are some alternatives?

When comparing tern and awesome-security-GRC you can also consider the following projects:

ort - A suite of tools to automate software compliance checks.

Smart-Contract-Audits - Smart Contract security audit reports

cdxgen - Creates CycloneDX Software Bill of Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Slack: https://cyclonedx.slack.com/archives/C04NFFE1962

comply - Compliance automation framework, focused on SOC2

goodcode - A curated collection of annotated code examples from prominent open-source projects

threagile - Agile Threat Modeling Toolkit

spdx-spec - The SPDX specification in MarkDown and HTML formats.

awesome-malware-development - Organized list of my malware development resources

import-linter - Import Linter allows you to define and enforce rules for the internal and external imports within your Python project.

crev - Socially scalable Code REView and recommendation system that we desperately need. See http://github.com/crev-dev/cargo-crev for real implemenation.

spdx-license-matcher - A tool to match license text with SPDX license list using a an algorithm with finds close matches. It follows SPDX Matching guidelines to keep the substantial text as well as ignore the replaceable text for matching purposes.

PoC_CVEs - PoC_CVEs

tern vs ort awesome-security-GRC vs Smart-Contract-Audits tern vs cdxgen awesome-security-GRC vs comply tern vs goodcode awesome-security-GRC vs threagile tern vs spdx-spec awesome-security-GRC vs awesome-malware-development tern vs import-linter awesome-security-GRC vs crev tern vs spdx-license-matcher awesome-security-GRC vs PoC_CVEs