Top 8 Python vulnerability-management Projects
- Hunting-Queries-Detection-Rules: KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
- CVE_Prioritizer: Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time threat information, gain a competitive advantage, and stay informed about the latest trends.
Project mention: Magika: AI powered fast and efficient file type identification | news.ycombinator.com | 2024-02-15
Is it safe to assume that hashing (1) every file on disk, or (2) any given file on disk at random, will yield random bits with uniform probability; and (3) why Argon2 instead of e.g. only two rounds of SHA256?
https://github.com/google/osv.dev/blob/master/README.md#usin... :
> We provide a Go based tool that will scan your dependencies, and check them against the OSV database for known vulnerabilities via the OSV API. ... With package metadata, not (a file hash, package) database that could be generated from OSV and the actual package files instead of their manifest of already-calculated checksums.
Might as well be heating a pool on the roof with all of this waste heat from hashing binaries built from code of unknown static and dynamic quality.
Add'l useful formats:
> Currently it is able to scan various lockfiles, debian docker containers, SPDX and CycloneDX SBOMs, and git repositories
Project mention: Where do you get your information regarding new vulnerabilities and security risks? | /r/sysadmin | 2023-05-09
intothewild - https://github.com/gmatuz/inthewilddb/blob/master/rss.xml
Python vulnerability-management related posts
- Monthly Security Checklist
- Announcing Pyscan: A dependency vulnerability scanner for python projects.
- Distributed vulnerability database for Open Source
- OSV-Scanner| Vulnerability Scanner for Open Source from Google
- Vulnerability databases that we can use as part of software supply chain security
- Help propose modification to function
Index
What are some of the best open-source vulnerability-management projects in Python? This list will help you:
# | Project | Stars |
---|---|---|
1 | faraday | 4,600 |
2 | rapidscan | 1,650 |
3 | osv.dev | 1,403 |
4 | Hunting-Queries-Detection-Rules | 993 |
5 | CVE_Prioritizer | 406 |
6 | inthewilddb | 187 |
7 | gvm-tools | 153 |
8 | SSVC | 103 |