scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.

A suite of tools to automate software compliance checks.

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles

A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.

Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects

Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects

A suite of utilities to help with software supply chain challenges on nix targets

Creates CycloneDX Software Bill of Materials (SBOM) from Go modules

creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects

Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects

Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Operators, K8s hooks, etc. with minimal coding and by automatically applying best practice methods like software supply chain security measures, SBOM, …

Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.

Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and potential legal issues with open source licenses.

Nix CycloneDX Software Bills of Materials (SBOMs)

SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom.