📄️ 🧰 OSS Best Practices
The following policy is geared towards generic OSS best practices. You can use this oss-risk-pack.yaml to perform the generic security checks.
📄️ 🧰 CIS Benchmarks
The following policy is geared towards CIS Benchmarks-based guidelines on security risks in libraries and software in general. You can use this cis-risk-pack.yaml to perform the CIS Benchmarks security checks.
📄️ 🧰 OpenSSF Scorecard
The following policy is geared towards the OpenSSF Scorecard best practices. You can use this openssf-risk-pack.yaml to perform the generic security checks.
📄️ 🧰 SLSA
TBD
📄️ 🧰 MITRE
TBD
📄️ 🧰 SafeDep
The following policy is geared towards the SafeDep opinionated best practices. You can use this safedep-risk-pack.yaml to perform the security checks.