MaibornWolff / dd-importLinks
A utility to (re-)import findings and language data into DefectDojo
☆43Updated last year
Alternatives and similar repositories for dd-import
Users that are interested in dd-import are comparing it to the libraries listed below
Sorting:
- OWASP Foundation Web Respository☆99Updated 3 weeks ago
- Discover vulnerabilities and container image misconfiguration in production environments.☆56Updated last month
- OWASP Kubernetes security and compliance tool [WIP]☆107Updated 2 years ago
- SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor…☆188Updated last week
- ☆93Updated 9 months ago
- Count distinct contributor of Snyk watched repos across several SCM☆32Updated 2 months ago
- A deliberately vulnerable Kubernetes cluster☆129Updated last year
- Dynamic Application and API Security Testing☆193Updated 2 years ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆177Updated 11 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆67Updated 4 months ago
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆40Updated last year
- OWASP Kubernetes Security Testing Guide☆38Updated this week
- NextJS-based single-page application for completing and reviewing SAMM assessments☆77Updated 2 years ago
- boostsecurityio/poutine☆341Updated last week
- The security workflow engine!☆125Updated 2 weeks ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …��☆74Updated 3 weeks ago
- KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.☆175Updated 9 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆47Updated 3 years ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆111Updated 9 months ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆156Updated last year
- ☆124Updated last year
- Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages☆171Updated this week
- OWASP Foundation Web Respository☆56Updated 3 weeks ago
- 🧰 Multi Tool Kubernetes Pentest Image☆245Updated 2 months ago
- Curating Falco rules with MITRE ATT&CK Matrix☆84Updated last year
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆111Updated last year
- Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, wor…☆481Updated 3 years ago
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆589Updated 7 months ago
- A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity program☆43Updated 3 weeks ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆105Updated last year