aparsons / bag-of-holding
An application to assist in the organization and prioritization of software security activities.
☆136Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for bag-of-holding
- OWASP Cloud Security - Enabling conversations through threat and control stories☆177Updated 5 years ago
- Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM☆188Updated 6 years ago
- Mittn: Security test tool runner for test automation in CI☆195Updated 10 months ago
- Content for 'JIRA Risk Project' book published at LeanPub☆56Updated 6 years ago
- for AWS Security material☆246Updated 2 years ago
- Content for OWASP Summit 2017 site☆128Updated 4 years ago
- A simple web app that helps developers understand the ASVS requirements.☆154Updated 8 months ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆274Updated this week
- ThreadFix is a software vulnerability management platform. This GitHub site is far out of date. Please go to www.threadfix.it for up-to-d…☆340Updated last year
- A Java library for parsing and programmatically using threat models☆79Updated last year
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆71Updated 3 years ago
- AppSecPipeline Specification for DevOps automation.☆38Updated last year
- Google Cloud Platform Security Tool☆232Updated 5 years ago
- Repo to hold mapping of user-security-stories☆114Updated 5 years ago
- Security Payload Unit Test Repository (SPUTR)☆86Updated last year
- A very vulnerable serverless application in AWS Lambda☆94Updated 5 years ago
- ☆61Updated last year
- threatspec - continuous threat modeling, through code☆332Updated 3 years ago
- A repository for wardley maps related to security topics.☆47Updated 7 years ago
- Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.☆46Updated 7 years ago
- ☆57Updated 4 years ago
- Python installable command line utiltity for mitigation of host and key compromises.☆344Updated 3 years ago
- SAMM stands for Software Assurance Maturity Model.☆397Updated 2 years ago
- ☆82Updated 4 years ago
- Example detection of compromise credentials in AWS☆119Updated 6 years ago
- SeaSponge is an accessible threat modelling tool from Mozilla☆278Updated 6 years ago
- An open source, online threat modelling tool from OWASP☆483Updated 4 months ago
- The clever vulnerability dependency finder☆96Updated 2 years ago