CloudSecurityAlliance-WG / wg-DevSecOpsLinks
DevSecOps Working Group
☆12Updated 5 years ago
Alternatives and similar repositories for wg-DevSecOps
Users that are interested in wg-DevSecOps are comparing it to the libraries listed below
Sorting:
- This repository contains information about DevSecOps and how to get involved in this community effort.☆150Updated 6 years ago
- Repo to hold mapping of user-security-stories☆119Updated 6 years ago
- A collection of 2020 artifacts describing the major pain points, vulnerabilities and concerns with Cloud Security.☆19Updated 4 years ago
- The Secure Cloud Architecture (SCA) is a location & cloud agnostic flexible and repeatable conceptual deployment pattern that can adapt f…☆15Updated 5 years ago
- A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.☆193Updated last year
- A collection of DevSecOps reference architectures☆69Updated 4 years ago
- This repository will teach you have to do my talk "Pushing Left, Like a Boss".☆70Updated 3 years ago
- ☆12Updated 3 years ago
- Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.☆48Updated 8 years ago
- OWASP Foundation Web Respository☆55Updated 2 years ago
- OWASP Cloud Security - Enabling conversations through threat and control stories☆181Updated 6 years ago
- Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.☆54Updated last year
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆282Updated last month
- a curated list of useful threat modeling resources☆137Updated last year
- A collection of DoD and Federal Government Cloud Computing Resources☆48Updated 4 years ago
- An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.☆200Updated this week
- This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.☆139Updated 3 years ago
- CSA Guidance☆217Updated 8 years ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆174Updated 8 months ago
- Automate the creation of a System Security Plan (SSP)☆39Updated last month
- The Auditree framework tool to run compliance control checks as unit tests.☆69Updated 11 months ago
- This repository stores content that can be used to design a Rapid Threat Model Prototyping process for a software development group.☆162Updated 2 years ago
- A collection of diagramming tools to help create DevOps/DevSecOps reference architectures☆73Updated last year
- A continuous security pipeline demo for the AWS DevSecOps Workshop.☆45Updated 5 years ago
- NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations☆40Updated last month
- Create custom auto-remediation solutions using serverless functions in the cloud.☆53Updated 2 years ago
- A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.☆171Updated last month
- threatspec - continuous threat modeling, through code☆362Updated 4 years ago
- A public repository with scripts and tools for mass / automated onboarding of cloud accounts (AWS,Azure,GCP)☆25Updated 4 years ago
- CloudSplaining on AWS Managed Policies☆44Updated this week