Secvisogram is a tool for creating and editing advisories in CSAF format.
A tool to visualize the CSAF JSON Schema.
An implementation of the role CSAF Trusted Provider, also offering a simple HTTPS based management service.
A command line tool that uploads CSAF documents to the CSAF Provider.
An implementation of the role CSAF Aggregator.
A tool for testing a CSAF Trusted Provider according to Section 7 of the CSAF standard.
A tool to download CSAF content from a specific domain / CSAF provider.
A JavaScript library is intended to include logic that can be shared across application working with CSAF.
A service to validate documents against the CSAF standard. It uses the csaf-validator-lib "under-the-hood"
The CSAF Content Management System (CMS) Secvisogram backend code and documentation
A Rust library and command line tool for consuming and analyzing CSAF documents.
Clouditor is a tool for the continuous assurance of cloud and other backend services. It supports the conformance check of CSAF (trusted) providers as part of vulnerability management controls.
An open source vulnerability management system that can produce and consume CSAF VEX documents.
A comprehensive and versatile security scanner that look for security issues.
A collection of software that allow you to store bill of materials (SBOM), vulnerability information (VEX) for your organization and use that information to learn impact of vulnerabilities and dependency changes.
A Perl distribution (with modules and command-line tools) for create, validate, convert (in HTML), publish and download CSAF documents.