saasbom

Open-source projects categorized as saasbom

Top 6 saasbom Open-Source Projects

  • cdxgen

    Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Slack: https://cyclonedx.slack.com/archives/C04NFFE1962

  • Project mention: Show devsecops: OWASP dep-scan v5 - a next-generation security and risk audit tool for everyone | /r/devsecops | 2023-12-05

    Today, it gives me great pleasure to announce OWASP dep-scan v5. Like everyone, I was constantly frustrated with the amount of false positives generated by all Software Composition Analysis tools (including mine) and wanted to do something. I worked closely with a few colleagues (Caroline, Tim, Saket, and David) for a year to build the various capabilities that together form depscan v5.

  • cyclonedx-maven-plugin

    Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

  • Project mention: Best Practices for Adopting Open-Source Software in 2024 | dev.to | 2024-05-17

    SPDX is an open standard developed by the Linux Foundation to communicate details of an SBOM, including components, licenses, copyrights, and security references, recognised internationally as ISO/IEC 5962:2021 (System Package Data Exchange (SPDX®) 2024). CycloneDX, originating from the Open Web Application Security Project (OWASP) community, is an SBOM standard crafted for application security and supply chain component analysis, now extended to encompass a broader array of applications such as software-as-a-service BOM (SaaSBOM) (CycloneDX 2024).

  • bom-examples

    A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)

  • Project mention: Do You Need an SBOM? | dev.to | 2024-05-06

    We won't dive deep, but here's a component listing for the @babel/polyfill NodeJS module from the ProtonMail web client's SBOM in CycloneDX's examples repository. It provides a variety of information about the component, including a published hash for that release that can be used to verify the authenticity of the component.

  • cyclonedx-gomod

    Creates CycloneDX Software Bill of Materials (SBOM) from Go modules

  • cyclonedx-core-java

    CycloneDX SBOM Model and Utils for Creating and Validating BOMs

  • Project mention: Dependency inventory / dashboard for multiple maven projects | /r/java | 2023-06-08
  • cyclonedx-bom-repo-server

    A BOM repository server for distributing CycloneDX BOMs

NOTE: The open-source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020).

Index

What are some of the best open-source saasbom projects? This list will help you:

Rank Project Stars
1 cdxgen 469
2 cyclonedx-maven-plugin 274
3 bom-examples 153
4 cyclonedx-gomod 126
5 cyclonedx-core-java 69
6 cyclonedx-bom-repo-server 64
