Launch HN: EdgeBit (YC W23) – live software vulnerability analysis

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Containers Docker Go Golang Static Analysis

SurveyJS
Our great sponsors
  • SurveyJS - Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
Our great sponsors

  • syft

    CLI tool and library for generating a Software Bill of Materials from container images and filesystems

    • Inside of the SBOMs, we can detect a lot: https://github.com/anchore/syft#supported-ecosystems

    You're right that the active/dormant detection needs to be customized per type of runtime. We cover rpm/deb, python and java with the node and others coming very soon. The compiled languages will be our main focus next. For example, Go binaries embed some dependency metadata in the binary itself.

    Also related to this effort is the "in-toto" integrity chain: https://in-toto.io/in-toto/ Since we're already connecting build to run, we aim to complete the chain.

  • sso-wall-of-shame

    A list of vendors that treat single sign-on as a luxury feature, not a core security requirement.

    • FWIW it's frowned upon for security tools to have https://sso.tax, and your pricing page doesn't list any pricing.

  • SurveyJS

    Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.

    SurveyJS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts