bancolombia / devsecops-engine-tools
Toolchain for the evaluation of different devsecops practices
☆29Updated this week
Alternatives and similar repositories for devsecops-engine-tools:
Users that are interested in devsecops-engine-tools are comparing it to the libraries listed below
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆132Updated last year
- A comprehensive list of software composition analysis tools.☆141Updated 10 months ago
- A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.☆103Updated 4 months ago
- Checkmarx Scan and Result Orchestration☆94Updated this week
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects☆70Updated last month
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆66Updated 10 months ago
- Virtual environment for learning DevSecOps☆33Updated 7 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆62Updated 9 months ago
- Purposely vulnerable Java application to help lead secure coding workshops☆179Updated 9 months ago
- Repository containing source code of MixewayFlow service that is Swiss army knife for DevSecOps Teams☆48Updated this week
- Public OCI-Image (docker image) Security Checker☆16Updated last month
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.☆37Updated 3 years ago
- Github action to generate BoM and upload to OWASP dependency track for vulnerability analysis☆39Updated 6 months ago
- A utility to (re-)import findings and language data into DefectDojo☆43Updated 6 months ago
- Fork Threat Modeling Platform - Community☆18Updated 3 weeks ago
- OWASP Foundation Web Respository☆44Updated 7 months ago
- A full insecure kubernetes application for testing security tools☆70Updated 2 weeks ago
- Discover vulnerabilities and container image misconfiguration in production environments.☆55Updated last month
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects☆27Updated last month
- Scans your Github Actions for security issues☆64Updated last month
- Welcome to `ai-secure-code-review`, a repository that integrates static analysis tools with Generative AI, specifically Semgrep and Azure…☆28Updated 5 months ago
- ☆188Updated 5 months ago
- OWASP Foundation Web Respository☆19Updated last month
- ☆60Updated 2 months ago
- Manager of third-party sources of Semgrep rules 🗂☆81Updated 8 months ago
- Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini☆166Updated 2 weeks ago
- OWASP Kubernetes security and compliance tool [WIP]☆106Updated last year
- Secrets scanner that understands code☆139Updated last month
- MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management.☆169Updated last month
- Sunshine - SBOM visualization tool☆41Updated 2 weeks ago