CSAF Open Source Tools                 


Secvisogram is a tool for creating and editing advisories in CSAF format.

CSAF Visualizer

A tool to visualize the CSAF JSON Schema.

CSAF Provider

An implementation of the role CSAF Trusted Provider, also offering a simple HTTPS based management service.

CSAF Uploader

A command line tool that uploads CSAF documents to the CSAF Provider.

CSAF Aggregator

An implementation of the role CSAF Aggregator.

CSAF Checker

A tool for testing a CSAF Trusted Provider according to Section 7 of the CSAF standard.

CSAF Downloader

A tool to download CSAF content from a specific domain / CSAF provider.

CSAF Validator Library

A JavaScript library is intended to include logic that can be shared across application working with CSAF.

CSAF Validator Service

A service to validate documents against the CSAF standard. It uses the csaf-validator-lib "under-the-hood"

BSI Secvisogram CSAF Backend CMS

The CSAF Content Management System (CMS) Secvisogram backend code and documentation


CSAF file testing tool available in Pypi.

CSAF Walker

A Rust library and command line tool for consuming and analyzing CSAF documents.


An open source vulnerability management system that can generate CSAF VEX documents.


A comprehensive and versatile security scanner that look for security issues.


A collection of software that allow you to store bill of materials (SBOM), vulnerability information (VEX) for your organization and use that information to learn impact of vulnerabilities and dependency changes.

© Copyright 2023 OASIS CSAF TC - All Rights Reserved