19 projects
Node.js
Node.js® is a JavaScript runtime built on Chrome's V8 JavaScript engine.
51,334
9,952
$3.9B
Dependabot
Dependabot is an automated dependency update tool that helps keep software projects secure and up-to-date by monitoring dependencies, creating pull requests for version updates, and handling security vulnerabilities across multiple programming languages and package managers.
6,407
2,699
$60M
DefectDojo
DefectDojo is an open-source application vulnerability management tool that streamlines the security testing process by automating the management, triage, and reporting of security vulnerabilities. It helps organizations track and manage security findings across multiple testing tools and provides a centralized platform for vulnerability management.
2,606
312
$142M
Dependency-Track
Dependency-Track is an intelligent Component Analysis Platform that allows organizations to identify and reduce risk in their software supply chain. It continuously monitors component usage across all versions of every application in an organization's portfolio to proactively identify risk from the use of vulnerable or out-of-date components.
2,237
394
$24M
Lynis
Lynis is a security auditing tool for Linux, macOS, and UNIX-based systems. It assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. It is agentless, and installation is optional.
1,044
194
$828K
KubeArmor
KubeArmor is a cloud-native runtime security enforcement system that restricts the behavior (such as process execution, file access, and networking operation) of containers and nodes at the system level.
548
162
$6.3M
OWASP BLT
OWASP BLT is a collection of security tools.
523
63
$6.5M
OSV
Open source vulnerability DB and triage service.
350
132
$7.6M
Greenbone Vulnerability Manager
This repository contains the scanner component for Greenbone Community Edition.
321
35
$6.7M
ThreatMapper
ThreatMapper is an open-source cloud native security observability platform that scans, maps, and ranks vulnerabilities in running containers, images, hosts and repositories. It provides runtime analysis, threat detection, and attack path visualization across cloud native production platforms.
225
35
$15M
Copacetic
Copacetic (copa) is a tool for patching security vulnerabilities in containers.
203
58
$1.7M
cnquery
cnquery is a cloud-native security and compliance assessment tool that enables querying and analyzing system configurations, security settings, and compliance status across cloud infrastructure, containers, and Kubernetes clusters. It provides a unified interface for security scanning and infrastructure assessment.
159
30
$20M
MITRE Security Automation Framework CLI
The MITRE Security Automation Framework (SAF) CLI is a tool for executing security tests and compliance scans against systems and applications. It provides capabilities for running automated security validations, generating reports, and evaluating compliance with security benchmarks and standards.
109
17
$178M
GitHub Security Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
PHP Security Advisories Database
A database of PHP security advisories.
RustSec Advisory Database
Security advisory database for Rust crates published through crates.io.