SecureStackCo / visualizing-software-supply-chain
A project to visualize the software supply chain
☆45 Updated last year
Alternatives and similar repositories for visualizing-software-supply-chain:
Users that are interested in visualizing-software-supply-chain are comparing it to the libraries listed below
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … ☆62 Updated 10 months ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ☆39 Updated 4 months ago
- Maturity Model Collaborative project ☆15 Updated 2 years ago
- ☆110 Updated last year
- STRIDE vs. ASVS equivalence table ☆76 Updated 8 months ago
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure ☆47 Updated last year
- Protect against subdomain takeover ☆92 Updated 11 months ago
- ☆10 Updated 2 years ago
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects ☆72 Updated last week
- Clean accounts over permissions in GCP infra at scale ☆71 Updated last year
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix ☆58 Updated last year
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows ☆95 Updated 2 weeks ago
- boostsecurityio/lotp ☆123 Updated last week
- HashiCorp-relevant rules for the Semgrep code analysis tool ☆40 Updated last year
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects ☆28 Updated last month
- Dragon-GPT uses Chat-GPT, or local LLM, to execute automatic and AI-powered threat modeling analysis on a given OWASP Threat Dragon diagr… ☆35 Updated 2 months ago
- Create notes during a security code review in VSCode. Import your favorite SAST tool findings and collaborate with others. ☆133 Updated 3 weeks ago
- Security tool against dependency typosquatting attacks ☆39 Updated this week
- DefectDojo Community Content ☆18 Updated 6 months ago
- ☆177 Updated last week
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments ☆139 Updated 3 months ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system. ☆171 Updated 5 months ago
- Manager of third-party sources of Semgrep rules ☆81 Updated 9 months ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts ☆61 Updated last year
- ☆41 Updated 2 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider ☆139 Updated 3 years ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management. ☆30 Updated 6 months ago
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures). ☆74 Updated 11 months ago
- ☆35 Updated 8 months ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w… ☆106 Updated 5 months ago