Awesome-Mirrors
/
awesome-cybersecurity-blueteam
mirror of https://github.com/fabacab/awesome-cybersecurity-blueteam.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Link using "See also" between Dependency confusion and Supply chain.

This commit is contained in:
fabacab 2021-11-13 10:01:54 -05:00
parent 349c38e3da
commit 59e5a3d4b7
No known key found for this signature in database
GPG Key ID: B0303BF6BA36A560
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -173,6 +173,8 @@ See also [awesome-devsecops](https://github.com/devsecops/awesome-devsecops).
### Dependency confusion
See also [§ Supply chain security](#supply-chain-security).
- [Dependency Combobulator](https://github.com/apiiro/combobulator) - Open source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.
- [Confusion checker](https://github.com/sonatype-nexus-community/repo-diff) - Script to check if you have artifacts containing the same name between your repositories.
- [snync](https://github.com/snyk-labs/snync) - Prevent and detect if you're vulnerable to Dependency Confusion supply chain security attacks.
@ -194,6 +196,8 @@ See also [Awesome-Fuzzing](https://github.com/secfigo/Awesome-Fuzzing).
### Supply chain security
See also [§ Dependency confusion](#dependency-confusion).
- [Grafeas](https://grafeas.io/) - Open artifact metadata API to audit and govern your software supply chain.
- [Helm GPG (GnuPG) Plugin](https://github.com/technosophos/helm-gpg) - Chart signing and verification with GnuPG for Helm.
- [Notary](https://github.com/theupdateframework/notary) - Aims to make the internet more secure by making it easy for people to publish and verify content.