naveensrinivasan
Contributes to fun OSS projects like https://github.com/ossf and is a Google Open Source Peer Bonus award winner for 2021, 2022 and 2024.
Pinned Repositories
guac
GUAC aggregates software security metadata into a high fidelity graph database.
ghactionspermissions
ManagedStackExplorer
Managed call stack for .NET applications
SafeImage
Testing of inappropriate images
scorecard
OpenSSF Scorecard - Security health metrics for Open Source
rekor
Software Supply Chain Transparency Log
sigstore
Common go library shared across sigstore services and clients
naveensrinivasan's Repositories
naveensrinivasan/naveensrinivasan.github.io
naveensrinivasan/guac
GUAC aggregates software security metadata into a high fidelity graph database.
naveensrinivasan/naveensrinivasan
naveensrinivasan/safeposix-rust
Rust implementation of SafePOSIX
naveensrinivasan/archivista
Archivist is a graph and storage service for in-toto attestations. Archivist enables the discovery and retrieval of attestations for software artifacts.
naveensrinivasan/cosign
Container Signing
naveensrinivasan/dotvim
My vim settings
naveensrinivasan/eladmin-1
Adapted from the original eladmin project. Integrates ELK, ShardingSphere multiple data sources, multiple Redis instances, message queues, and more.
naveensrinivasan/gitoid
Golang libraries for computing git object ids (gitoids)
naveensrinivasan/gittuf
A security layer for Git repositories
naveensrinivasan/go-git-playground
naveensrinivasan/go-witness
Go implementation of witness
naveensrinivasan/guac-ai-mole
🥑 Inspect and understand an organization's software supply chain that enables stakeholders to make actionable decisions about software supply chain security
naveensrinivasan/httpcache
A Transport for http.Client that will cache responses according to the HTTP RFC
naveensrinivasan/lind-docs
Documentation for the Lind Project
naveensrinivasan/lula
The Compliance Validator
naveensrinivasan/metrostop
An interactive graph for an end-to-end view - a metrostop is a visual representation of a product's lifecycle which can be used for the maintenance, optimization, analysis and conception of a product's life cycle processes
naveensrinivasan/ossf-cve-benchmark
The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.
naveensrinivasan/pepr
Type safe K8s middleware for humans
naveensrinivasan/protobom
A universal SBOM representation in protocol buffers
naveensrinivasan/sbom-cve-data
naveensrinivasan/scorecard
OSS Security Scorecards
naveensrinivasan/scorecard-commits
Analyze the commit data from Scorecard API with the help of BigQuery
naveensrinivasan/scorecard-customchecks
naveensrinivasan/TtlMap
A golang map in which entries expire after a given time period
naveensrinivasan/uds-cli
naveensrinivasan/uds-security-hub
All things about securing UDS
naveensrinivasan/witness
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
naveensrinivasan/witness-run-action
naveensrinivasan/zarf
DevSecOps for Air Gap & Limited-Connection Systems. https://zarf.dev/