Explore 8 curated tools and resources
Want your tool featured here?
Get maximum visibility with pinned placement
Ossprey is a software supply chain security platform that uses AI-powered scanning to detect malicious open source code and prevent supply chain attacks through automated policy enforcement and dependency analysis.
Ossprey is a software supply chain security platform that uses AI-powered scanning to detect malicious open source code and prevent supply chain attacks through automated policy enforcement and dependency analysis.
A device security analysis platform that provides comprehensive vulnerability scanning, SBOM management, and supply chain security monitoring for connected devices and their components.
A device security analysis platform that provides comprehensive vulnerability scanning, SBOM management, and supply chain security monitoring for connected devices and their components.
Preflight is a Go-based verification tool that helps organizations validate scripts and executables to prevent supply chain attacks by enabling secure self-compilation and trusted distribution methods.
Preflight is a Go-based verification tool that helps organizations validate scripts and executables to prevent supply chain attacks by enabling secure self-compilation and trusted distribution methods.
A security tool that detects potential Dependency Confusion attack vectors by identifying private package names that are not reserved on public registries.
A security tool that detects potential Dependency Confusion attack vectors by identifying private package names that are not reserved on public registries.
A Python script that scans Nexus Repository Manager for artifacts with identical names across repositories to identify dependency confusion attack vulnerabilities.
A Python script that scans Nexus Repository Manager for artifacts with identical names across repositories to identify dependency confusion attack vulnerabilities.
npm-zoo is a curated database of known malicious NPM packages that helps developers and security researchers identify and avoid potentially harmful dependencies in their projects.
npm-zoo is a curated database of known malicious NPM packages that helps developers and security researchers identify and avoid potentially harmful dependencies in their projects.
A dependency security scanner that identifies potential supply chain vulnerabilities by checking for available package namespace registrations across Python, JavaScript, PHP, and Maven repositories.
A dependency security scanner that identifies potential supply chain vulnerabilities by checking for available package namespace registrations across Python, JavaScript, PHP, and Maven repositories.
LunaTrace is an open source supply chain security tool that monitors software dependencies for vulnerabilities and integrates with GitHub to notify developers of security issues before deployment.
LunaTrace is an open source supply chain security tool that monitors software dependencies for vulnerabilities and integrates with GitHub to notify developers of security issues before deployment.