bancolombia / devsecops-engine-toolsLinks
Toolchain for the evaluation of different devsecops practices
☆43Updated this week
Alternatives and similar repositories for devsecops-engine-tools
Users that are interested in devsecops-engine-tools are comparing it to the libraries listed below
Sorting:
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆81Updated last month
- A utility to (re-)import findings and language data into DefectDojo☆43Updated last year
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆139Updated 2 years ago
- A full insecure kubernetes application for testing security tools☆90Updated 3 months ago
- Discover vulnerabilities and container image misconfiguration in production environments.☆55Updated 3 weeks ago
- OWASP Foundation Web Respository☆101Updated last month
- A flexible framework for security teams to build and deploy AI-powered workflows that complement their existing security operations.☆148Updated last week
- OWASP Foundation Web Respository☆56Updated 4 months ago
- Scans your Github Actions for security issues☆88Updated this week
- OWASP Foundation Web Respository☆22Updated 3 months ago
- OWASP Kubernetes security and compliance tool [WIP]☆108Updated 2 years ago
- The security workflow engine!☆136Updated 2 months ago
- Damn Vulnerable Kubernetes App (DVKA) is a series of apps deployed on Kubernetes that are damn vulnerable.☆195Updated 4 months ago
- A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.☆111Updated last year
- ☆559Updated this week
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆40Updated last year
- A comprehensive list of software composition analysis tools.☆162Updated 3 months ago
- NextJS-based single-page application for completing and reviewing SAMM assessments☆79Updated 2 years ago
- OWASP Project Developer Guide - Document and Project Web pages☆114Updated 3 weeks ago
- OWASP Foundation Web Respository☆45Updated last month
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain☆97Updated 11 months ago
- SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor…☆217Updated this week
- Curating Falco rules with MITRE ATT&CK Matrix☆86Updated last year
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆68Updated 7 months ago
- Container 📦 Security 🔐 Best Practices Checklist 📋 & Slides☆69Updated 5 years ago
- A project to visualize the software supply chain☆58Updated 2 years ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆179Updated last month
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆596Updated 10 months ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers…☆135Updated 2 weeks ago
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆141Updated 11 months ago