SecureStackCo / visualizing-software-supply-chain
A project to visualize the software supply chain
☆44, updated last year
Alternatives and similar repositories for visualizing-software-supply-chain:
Users that are interested in visualizing-software-supply-chain are comparing it to the libraries listed below
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … (☆61, updated 9 months ago)
- STRIDE vs. ASVS equivalence table (☆76, updated 7 months ago)
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so… (☆50, updated this week)
- Create notes during a security code review in VSCode. Import your favorite SAST tool findings and collaborate with others (☆132, updated this week)
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects (☆66, updated 2 weeks ago)
- boostsecurityio/lotp (☆119, updated 3 weeks ago)
- A small tool to help developers understand a huge set of security requirements from appsec teams (☆45, updated 2 years ago)
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix (☆58, updated last year)
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. (☆39, updated 3 months ago)
- A full insecure kubernetes application for testing security tools (☆70, updated this week)
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure (☆46, updated last year)
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments (☆138, updated 3 months ago)
- Holds the public Hacking the Cloud CTFs. (☆55, updated last year)
- Protect against subdomain takeover (☆93, updated 10 months ago)
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w… (☆104, updated 4 months ago)
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack. (☆37, updated 3 years ago)
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts (☆61, updated last year)
- This application was built to help reduce the amount of time it takes to review AWS Lambda code. (☆60, updated 4 months ago)
- find dangling domains in a multi cloud environment (☆141, updated this week)
- Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data (☆49, updated 8 months ago)
- Clean accounts over permissions in GCP infra at scale (☆71, updated last year)
- InfoSec OpenAI Examples (☆19, updated last year)
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files. (☆76, updated 3 years ago)
- A tool to uncover undocumented APIs from the AWS Console. (☆99, updated 4 months ago)
- A public cloud security knowledgebase - https://www.secwiki.cloud/ (☆51, updated 4 months ago)