README.md: Add a reference to ghafscan project

Signed-off-by: Henri Rosten <henri.rosten@unikie.com>
tiiuae · Sep 7, 2023 · 6db61c7 · 6db61c7
1 parent 9ded9da
commit 6db61c7
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -12,6 +12,8 @@ In addition to `sbomnix` this repository is home to [nixgraph](./doc/nixgraph.md
 
 For a demonstration of how to use `sbomnix` generated SBOM in automating vulnerability scans, see: [vulnxscan](scripts/vulnxscan/README.md).
 
+For an example of how to use the tooling provided in this repository to automate vulnerability scanning for a nix flake project, see: [ghafscan](https://github.com/tiiuae/ghafscan).
+
 The [CycloneDX](https://cyclonedx.org/) and [SPDX](https://spdx.github.io/spdx-spec/v2.3/) SBOMs for each release of `sbomnix` itself are available in the [release assets](https://github.com/tiiuae/sbomnix/releases/latest).
 
 `sbomnix` and other tools in this repository originate from [Ghaf Framework](https://github.com/tiiuae/ghaf).