scorecard
Security risk assessment tool
An automated tool assessing software security and providing scores to inform decisions on dependency risks
OpenSSF Scorecard - Security health metrics for Open Source
5k stars
68 watching
499 forks
Language: Go
last commit: 3 days ago
Related projects:
Repository | Description | Stars |
---|---|---|
score-spec/spec | Provides a platform-agnostic specification to describe workload configurations in a vendor-neutral way | 7,806 |
usnistgov/oscal | Provides standardized formats for representing security controls and their assessments | 674 |
opencorech/smart-contract-auditing-heuristics | A collection of general guidelines and pitfalls to consider when auditing smart contracts | 575 |
zegl/kube-score | Analyzes Kubernetes object definitions for security and reliability issues and provides recommendations for improvement. | 2,788 |
otrf/ossem | Provides standardization and documentation of security event logs to improve data transformation and analysis | 1,238 |
tanprathan/owasp-testing-checklist | A comprehensive security testing checklist based on OWASP guidelines | 1,506 |
opensoc/opensoc | A centralized platform for security monitoring and analysis utilizing open-source big data technologies to integrate log aggregation, packet capture indexing, advanced analytics, and threat intelligence. | 572 |
baroshem/nuxt-security | Automatically configures a Nuxt application to follow OWASP security patterns and principles | 820 |
openscoring/openscoring | A REST web service for real-time model scoring with high performance and extensibility | 580 |
ory/fosite | Extensible security-first OAuth2 and OpenID Connect SDK for Go. | 2,328 |
boostsecurityio/poutine | Detects misconfigurations and vulnerabilities in software supply chains during build pipelines. | 229 |
justinas/nosurf | Protects against Cross-Site Request Forgery (CSRF) attacks in web applications by verifying user input | 1,589 |
openstack/hacking | Automates style checks and code review to enforce uniform coding standards across large projects. | 240 |
otrf/security-datasets | Provides a repository of security event datasets to support threat research and analysis | 1,603 |
gosecure/csp-auditor | Analyzes and configures website security policies to prevent malicious scripts from running on user devices. | 136 |