Skip to content
View stevespringett's full-sized avatar

Highlights

  • Pro

Organizations

@OWASP @CycloneDX @package-url @DependencyTrack @Ecma-TC54

Block or report stevespringett

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Pinned Loading

  1. DependencyTrack/dependency-track DependencyTrack/dependency-track Public

    Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

    Java 2.7k 579

  2. CycloneDX/specification CycloneDX/specification Public

    OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, an…

    XSLT 366 59

  3. package-url/purl-spec package-url/purl-spec Public

    A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby

    699 161

  4. OWASP/Software-Component-Verification-Standard OWASP/Software-Component-Verification-Standard Public

    Software Component Verification Standard (SCVS)

    Python 135 39

  5. CPE-Parser CPE-Parser Public

    A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST

    Java 47 15

  6. cvss-calculator cvss-calculator Public

    A Java library for calculating CVSSv2 and CVSSv3 scores and vectors

    Java 39 23