OWASP / www-project-security-champions-guidebook
OWASP Foundation Web Respository
☆19Updated last month
Related projects ⓘ
Alternatives and complementary repositories for www-project-security-champions-guidebook
- OWASP Foundation Web Respository☆27Updated 3 months ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆61Updated 5 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆55Updated 4 months ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆104Updated 10 months ago
- OWASP Project Developer Guide - Document and Project Web pages☆88Updated this week
- ☆80Updated this week
- ☆71Updated last year
- OWASP Foundation Web Respository☆37Updated 2 months ago
- Monorepo of Labs for the Security Knowledge Framework (SKF)☆32Updated 3 months ago
- OWASP Code Review Guide Web Repository☆122Updated 2 years ago
- A Broken Application - Very Vulnerable!☆131Updated last week
- Dragon-GPT uses Chat-GPT, or local LLM, to execute automatic and AI-powered threat modeling analysis on a given OWASP Threat Dragon diagr…☆31Updated last year
- GCP GOAT is the vulnerable application for learn the GCP Security☆62Updated last year
- The source files and tools needed to build the OWASP Cornucopia decks in various languages☆46Updated this week
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆48Updated this week
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆33Updated last month
- Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini☆149Updated 8 months ago
- ☆80Updated 3 years ago
- A project to visualize the software supply chain☆36Updated last year
- 🖇️ STRIDE vs. ASVS equivalence table☆75Updated 2 months ago
- NextJS-based single-page application for completing and reviewing SAMM assessments☆69Updated last year
- The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility t…☆88Updated last month
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆169Updated 9 months ago
- ☆37Updated 7 months ago
- APIsec|SCAN - Free API security testing using Github actions☆93Updated 6 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆126Updated 9 months ago
- InfoSec OpenAI Examples☆19Updated 11 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆45Updated 2 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆98Updated 9 months ago
- This is a RSS feed collection for all the InfoSec Content Creators☆30Updated last year