Skip to content
#

supply-chain-security

Here are 102 public repositories matching this topic...

🚀 DevSecOps intro elective — 10 hands-on labs + 2 bonus hardening OWASP Juice Shop: threat modeling (STRIDE/Threagile), signed commits & secret scanning, SBOM/SCA, SAST + DAST, IaC security (Checkov/KICS), container & supply-chain hardening (Trivy, Cosign), runtime detection with Falco, and DefectDojo vuln management.

  • Updated Jun 30, 2026
  • Shell

BomLens — a local-first SBOM generator & open-source risk assessor (CycloneDX). Produce an SBOM, an open-source notice, and a security/license risk report from source code, containers, binaries, firmware, or an SBOM you received. CLI or web UI, no SaaS.

  • Updated Jul 15, 2026
  • Shell
trust-issues

Adversarial security review for AI skills, repos, MCP servers, and packages before you install them. A read-only scanner plus a five-persona reasoning pass, ending in a GO / GO WITH MITIGATIONS / NO-GO verdict.

  • Updated Jul 15, 2026
  • Shell

Autonomous AI security agent that audits, pentests, and hardens your whole codebase: SAST, secrets, SCA, IaC, containers, CI/CD, OWASP, and AI/LLM red-teaming. Auto-fixes vulnerabilities and maps findings to compliance frameworks like SOC 2. Works with Claude Code, Cursor, Codex, and opencode.

  • Updated Jul 9, 2026
  • Shell

Improve this page

Add a description, image, and links to the supply-chain-security topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the supply-chain-security topic, visit your repo's landing page and select "manage topics."

Learn more