-
Notifications
You must be signed in to change notification settings - Fork 15
/
Copy pathtools.html
288 lines (261 loc) · 16.1 KB
/
tools.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="twitter:card" content="summary_large_image"/>
<meta name="twitter:image:src" content="">
<meta property="og:image" content="">
<meta name="twitter:title" content="CSAF Open Source Tools">
<meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1">
<link rel="shortcut icon" href="assets/images/screen-shot-2022-11-28-at-10.16.00-pm-279x97.png" type="image/x-icon">
<meta name="description" content="CSAF Open Source Tools - - Secvisogram
- CSAF Parser
- CSAF Visualizer
- CSAF Trusted Provider
- CSAF Uploader
- CSAF Aggregator
- CSAF Checker
- CSAF Validator Library
- CSAF Validator Service
- CSAF Content Management System
- CSAF Downloader
- CSAF Walker
- Clouditor
- SecObserve
- Trivy
- CSAF Perl Toolkit ">
<title>CSAF Open Source Tools</title>
<link rel="stylesheet" href="assets/web/assets/mobirise-icons/mobirise-icons.css">
<link rel="stylesheet" href="assets/web/assets/mobirise-icons-bold/mobirise-icons-bold.css">
<link rel="stylesheet" href="assets/web/assets/mobirise-icons2/mobirise2.css">
<link rel="stylesheet" href="assets/bootstrap/css/bootstrap.min.css">
<link rel="stylesheet" href="assets/bootstrap/css/bootstrap-grid.min.css">
<link rel="stylesheet" href="assets/bootstrap/css/bootstrap-reboot.min.css">
<link rel="stylesheet" href="assets/dropdown/css/style.css">
<link rel="stylesheet" href="assets/socicon/css/styles.css">
<link rel="stylesheet" href="assets/theme/css/style.css">
<link rel="preload" href="https://fonts.googleapis.com/css?family=Darker+Grotesque:300,400,500,600,700,800,900&display=swap" as="style" onload="this.onload=null;this.rel='stylesheet'">
<noscript><link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Darker+Grotesque:300,400,500,600,700,800,900&display=swap"></noscript>
<link rel="preload" as="style" href="assets/mobirise/css/mbr-additional.css"><link rel="stylesheet" href="assets/mobirise/css/mbr-additional.css" type="text/css">
</head>
<body>
<section data-bs-version="5.1" class="menu menu1 cid-sRAtISOGzm" once="menu" id="menu1-0">
<nav class="navbar navbar-dropdown navbar-expand-lg">
<div class="container-custom container-fluid">
<div class="navbar-brand">
<span class="navbar-logo">
<a href="index.html">
<img src="assets/images/screen-shot-2022-11-28-at-10.16.00-pm-279x97.png" alt="CSAF" style="height: 5.3rem;">
</a>
</span>
</div>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-bs-toggle="collapse" data-target="#navbarSupportedContent" data-bs-target="#navbarSupportedContent" aria-controls="navbarNavAltMarkup" aria-expanded="false" aria-label="Toggle navigation">
<div class="hamburger">
<span></span>
<span></span>
<span></span>
<span></span>
</div>
</button>
<div class="collapse navbar-collapse" id="navbarSupportedContent">
<div class="navbar-nav-container">
<ul class="navbar-nav nav-dropdown nav-right" data-app-modern-menu="true"><li class="nav-item"><a class="nav-link link text-primary display-7" href="https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/os/schemas/" target="_blank"><span class="fa fa-file-code-o mbr-iconfont mbr-iconfont-btn"></span>
Schemas</a></li>
<li class="nav-item"><a class="nav-link link text-primary display-7" href="specification.html" target="_blank"><span class="icon54-v1-document-file mbr-iconfont mbr-iconfont-btn"></span>
Specification</a></li>
<li class="nav-item"><a class="nav-link link text-primary display-7" href="https://github.com/oasis-tcs/csaf" target="_blank"><span class="mbri-github mbr-iconfont mbr-iconfont-btn"></span>
GitHub</a> </li>
<li class="nav-item"><a class="nav-link link text-primary display-7" href="faq.html"><span class="mbrib-question mbr-iconfont mbr-iconfont-btn"></span>FAQ</a>
</li>
</ul>
</div>
</div>
</div>
</nav>
</section>
<section data-bs-version="5.1" class="header3 cid-toxpZeSurb" id="header3-2">
<div class="section-about-header_background-glow"></div>
<div class="align-center container-fluid">
<div class="row justify-content-center">
<div class="col-12 col-text col-lg-12">
<h1 class="mbr-section-title mbr-fonts-style mb-3 display-1">
CSAF Open Source Tools </h1>
</div>
</div>
</div>
</section>
<section class="features3 cid-toxq000HmE" id="features3-3">
<div class="container">
<div class="row justify-content-center">
<div class="text-container">
</div>
<div class="cards-container col-12">
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://secvisogram.github.io/" class="text-primary" target="_blank">Secvisogram</a></h4>
<p class="card-text mbr-fonts-style display-4">Secvisogram is a tool for creating and editing advisories in CSAF format.</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://json.csaf.io/" class="text-primary" target="_blank">CSAF Visualizer</a></h4>
<p class="card-text mbr-fonts-style display-4">A tool to visualize the CSAF JSON Schema.</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://github.com/gocsaf/csaf/blob/main/docs/csaf_provider.md" class="text-primary" target="_blank">CSAF Provider</a></h4>
<p class="card-text mbr-fonts-style display-4">An implementation of the role CSAF Trusted Provider, also offering a simple HTTPS based management service.</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://github.com/gocsaf/csaf/blob/main/docs/csaf_uploader.md" class="text-primary" target="_blank">CSAF Uploader</a></h4>
<p class="card-text mbr-fonts-style display-4">A command line tool that uploads CSAF documents to the CSAF Provider.</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://github.com/gocsaf/csaf/blob/main/docs/csaf_aggregator.md" class="text-primary" target="_blank">CSAF Aggregator</a></h4>
<p class="card-text mbr-fonts-style display-4">An implementation of the role CSAF Aggregator.</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://github.com/gocsaf/csaf/blob/main/docs/csaf_checker.md" class="text-primary" target="_blank">CSAF Checker</a></h4>
<p class="card-text mbr-fonts-style display-4">A tool for testing a CSAF Trusted Provider according to <a href="https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#7-distributing-csaf-documents" class="text-primary" target="_blank">Section 7 of the CSAF standard</a>.</p>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section class="features3 cid-toxrXOullb" id="features3-4">
<div class="container">
<div class="row justify-content-center">
<div class="text-container">
</div>
<div class="cards-container col-12">
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://github.com/gocsaf/csaf/blob/main/docs/csaf_downloader.md" class="text-primary" target="_blank">CSAF Downloader</a></h4>
<p class="card-text mbr-fonts-style display-4">A tool to download CSAF content from a specific domain / CSAF provider.<br></p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://github.com/secvisogram/csaf-validator-lib" class="text-primary" target="_blank">CSAF Validator Library</a></h4>
<p class="card-text mbr-fonts-style display-4">A JavaScript library is intended to include logic that can be shared across application working with CSAF.</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://github.com/secvisogram/csaf-validator-service" class="text-primary" target="_blank">CSAF Validator Service</a></h4>
<p class="card-text mbr-fonts-style display-4">A service to validate documents against the CSAF standard. It uses the csaf-validator-lib "under-the-hood"</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://github.com/secvisogram/csaf-cms-backend" class="text-primary" target="_blank">BSI Secvisogram CSAF Backend CMS</a></h4>
<p class="card-text mbr-fonts-style display-4">The CSAF Content Management System (CMS) Secvisogram backend code and documentation</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://pypi.org/project/paikalta/" class="text-primary" target="_blank">paikalta</a></h4>
<p class="card-text mbr-fonts-style display-4">CSAF file testing tool available in <a href="https://pypi.org/project/paikalta/" class="text-primary" target="_blank">Pypi</a>.</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://github.com/ctron/csaf-walker" class="text-primary" target="_blank">CSAF Walker</a></h4>
<p class="card-text mbr-fonts-style display-4">A Rust library and command line tool for consuming and analyzing CSAF documents.</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://github.com/clouditor/clouditor?tab=readme-ov-file#using-the-extra-discoverers-eg-csaf" class="text-primary" target="_blank">Clouditor</a></h4>
<p class="card-text mbr-fonts-style display-4">Clouditor is a tool for the continuous assurance of cloud and other backend services. It supports the conformance check of CSAF (trusted) providers as part of vulnerability management controls.</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://github.com/MaibornWolff/SecObserve" class="text-primary" target="_blank">SecObserve</a></h4>
<p class="card-text mbr-fonts-style display-4">An open source vulnerability management system that can produce and consume CSAF VEX documents.</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://aquasecurity.github.io/trivy/" class="text-primary" target="_blank">Trivy</a></h4>
<p class="card-text mbr-fonts-style display-4">A comprehensive and versatile security scanner that look for security issues.</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://github.com/trustification/trustification" class="text-primary" target="_blank">Trustification</a></h4>
<p class="card-text mbr-fonts-style display-4">A collection of software that allow you to store bill of materials (SBOM), vulnerability information (VEX) for your organization and use that information to learn impact of vulnerabilities and dependency changes.</p>
</div>
</div>
</div>
<div class="card">
<div class="card-wrapper">
<div class="card-box">
<h4 class="card-title mbr-fonts-style display-5"><a href="https://metacpan.org/dist/CSAF" class="text-primary" target="_blank">CSAF Perl Tookit</a></h4>
<p class="card-text mbr-fonts-style display-4">A Perl distribution (with modules and command-line tools) for create, validate, convert (in HTML), publish and download CSAF documents.</p>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<section data-bs-version="5.1" class="footer2 cid-sRAtK8mSnJ" once="footers" id="footer2-1">
<div class="container">
<div class="media-container-row align-center mbr-white">
<div class="col-12">
<p class="mbr-text mb-0 mbr-fonts-style display-7">
© Copyright 2023 OASIS CSAF TC - All Rights Reserved
</p>
</div>
</div>
</div>
</section>
<script src="assets/bootstrap/js/bootstrap.bundle.min.js"></script>
<script src="assets/smoothscroll/smooth-scroll.js"></script>
<script src="assets/ytplayer/index.js"></script>
<script src="assets/dropdown/js/navbar-dropdown.js"></script>
<script src="assets/theme/js/script.js"></script>
</body>
</html>