OperantAI / secops-chaos
Security-focused Chaos Experiments for DevSecOps Teams
☆24Updated 2 months ago
Related projects: ⓘ
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆20Updated last year
- TACOS framework structural details☆19Updated 9 months ago
- A project to visualize the software supply chain☆33Updated last year
- Traffic and attack generation between simulated microservices.☆32Updated 3 years ago
- NIST OSCAL SDK and CLI☆17Updated 2 months ago
- Microsoft Defender for Cloud threat matrix for Kubernetes☆21Updated last year
- ☆13Updated last month
- A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).☆27Updated 6 months ago
- ☆15Updated this week
- ☆26Updated this week
- A draft standard for communicating a cryptographic record of build inputs for software artifacts.☆23Updated 10 months ago
- Sample code snippets for consuming the CloudSploit API☆13Updated 10 months ago
- An SBOM query language and associated utilities☆54Updated 7 months ago
- Slack alert bot for matching Github Audit Events☆10Updated 3 weeks ago
- Sharing software supply chain security open source projects☆38Updated last year
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures.☆58Updated 10 months ago
- ☆10Updated last year
- bomsh is collection of tools to explore the OmniBOR idea☆21Updated 5 months ago
- ☆51Updated 6 months ago
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Updated last week
- Darkbit Cloud Security Tools☆25Updated 3 years ago
- ☆20Updated 4 months ago
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆61Updated last year
- Super-powered know how tools for AWS and GCP cloud security☆14Updated last year
- Checks whether a Windows server according to security best practices as defined in the CIS Distribution-Independent Windows Benchmark☆15Updated 4 months ago
- Elevation of MLsec: a threat-modeling card game for machine learning systems☆16Updated 2 weeks ago
- Policy Pipeline : place an SDLC around your compliance documentation with a pipeline that renders policy-as-code to human friendly format…☆11Updated 3 years ago
- OSCAL SSP content for technologies shipped by Red Hat☆15Updated last year
- Tool for collecting vulnerability data from various sources (used to build the grype database)☆69Updated this week