Alternatives and similar repositories for www-project-top-10-ci-cd-security-risks

Users that are interested in www-project-top-10-ci-cd-security-risks are comparing it to the libraries listed below

• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆90Updated 3 months ago
• OWASP / www-project-devsecops-guideline
  The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …
  ☆80Updated last month
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆192Updated 9 months ago
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆179Updated last month
• edgeroute / security-champion-framework
  The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
  ☆110Updated 2 years ago
• OWASP / www-project-devsecops-maturity-model
  OWASP Foundation Web Respository
  ☆56Updated 3 months ago
• DataDog / supply-chain-firewall
  Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages
  ☆214Updated last week
• cider-security-research / top-10-cicd-security-risks
  ☆423Updated 3 years ago
• tenable / KaiMonkey
  KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
  ☆105Updated 2 years ago
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆59Updated 2 years ago
• tenable / cnappgoat
  CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.
  ☆292Updated last year
• GitGuardian / ggcanary
  GitGuardian Canary Tokens
  ☆147Updated 7 months ago
• MaibornWolff / dd-import
  A utility to (re-)import findings and language data into DefectDojo
  ☆43Updated last year
• openraven / magpie
  A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …
  ☆196Updated last year
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆68Updated 7 months ago
• luisfontes19 / orgsec-guide
  A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity program
  ☆46Updated last month
• snyk-tech-services / snyk-scm-contributors-count
  Count distinct contributor of Snyk watched repos across several SCM
  ☆32Updated last week
• tenable / EscalateGPT
  An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.
  ☆117Updated 3 weeks ago
• OWASP / OpenCRE
  ☆138Updated this week
• OWASP / KubeLight
  OWASP Kubernetes security and compliance tool [WIP]
  ☆108Updated 2 years ago
• RhinoSecurityLabs / IAMActionHunter
  An AWS IAM policy statement parser and query tool.
  ☆197Updated this week
• ReversecLabs / IceKube
  ☆185Updated 9 months ago
• OWASP / www-project-devsecops-verification-standard
  OWASP Foundation Web Respository
  ☆46Updated last month
• Cybr-Inc / CloudSec
  Public repository of all things cloud security.
  ☆47Updated last year
• PaloAltoNetworks / cobra-tool
  Cloud Offensive Breach and Risk Assessment (COBRA) Tool
  ☆102Updated 8 months ago
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆356Updated this week
• wiz-sec / open-cvdb
  An open project to list all publicly known cloud vulnerabilities and CSP security issues
  ☆373Updated 4 months ago
• step-security / github-actions-goat
  GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment
  ☆492Updated 7 months ago
• mihir-shah99 / vxdf
  ☆61Updated 7 months ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.
  ☆76Updated last year