Security Champions Playbook v 2.1
☆392Sep 25, 2023Updated 2 years ago
Alternatives and similar repositories for security-champions-playbook
Users that are interested in security-champions-playbook are comparing it to the libraries listed below
Sorting:
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆110Jan 16, 2024Updated 2 years ago
- A Continuous Threat Modeling methodology☆324Jun 24, 2022Updated 3 years ago
- Content for OWASP Summit 2017 site☆129Nov 12, 2020Updated 5 years ago
- A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …☆1,719Aug 2, 2024Updated last year
- This project is about creating and publishing threat model examples.☆429Nov 10, 2021Updated 4 years ago
- Agile Threat Modeling Toolkit☆727Nov 20, 2025Updated 3 months ago
- Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM☆195Aug 27, 2018Updated 7 years ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆46Sep 2, 2022Updated 3 years ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆280Feb 17, 2026Updated 2 weeks ago
- A Pythonic framework for threat modeling☆1,110Feb 24, 2026Updated last week
- An open source, online threat modelling tool from OWASP☆484Jul 18, 2025Updated 7 months ago
- ☆565Updated this week
- Security Knowledge Framework (SKF) Python Flask / Angular project☆827Mar 12, 2024Updated last year
- An authoritative list of awesome devsecops tools with the help from community experiments and contributions.☆5,340May 11, 2024Updated last year
- Application Security Automation☆527Sep 5, 2023Updated 2 years ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆76Jul 15, 2021Updated 4 years ago
- materials we hand out☆147Jul 17, 2025Updated 7 months ago
- threatspec - continuous threat modeling, through code☆379Dec 30, 2020Updated 5 years ago
- Offensive Terraform module which copies publicly exposed EBS snapshot to us-east-1 region in attacker's AWS account and creates EBS volum…☆14Sep 18, 2020Updated 5 years ago
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.☆1,035Jan 5, 2026Updated 2 months ago
- This is a step-by-step guide to implementing a DevSecOps program for any size organization☆2,034Dec 21, 2024Updated last year
- ☆115Jul 3, 2024Updated last year
- ☆35Mar 8, 2022Updated 4 years ago
- Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exh…☆678Aug 7, 2020Updated 5 years ago
- AppSec Ezine Public Repository.☆1,217Nov 14, 2025Updated 3 months ago
- ☆35May 13, 2021Updated 4 years ago
- Vulnerable app with examples showing how to not use secrets☆1,397Updated this week
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆14Feb 10, 2022Updated 4 years ago
- An application to assist in the organization and prioritization of software security activities.☆139Jun 10, 2021Updated 4 years ago
- SAMM stands for Software Assurance Maturity Model.☆398May 17, 2022Updated 3 years ago
- Equal Experts Secure Delivery Playbook☆26Feb 21, 2023Updated 3 years ago
- A comprehensive framework for analyzing and defending against attacks targeting Software Development Life Cycle Infrastructure.☆128Updated this week
- Curating the best DevSecOps resources and tooling.☆1,637Aug 2, 2024Updated last year
- Application Security Verification Standard☆3,359Updated this week
- Slack enumeration and exposed secrets detection tool☆398Jan 8, 2026Updated 2 months ago
- Documenting your Threat Models with HCL☆454Mar 1, 2026Updated last week
- ☆17Feb 3, 2026Updated last month
- CloudSplaining on AWS Managed Policies☆44Sep 8, 2025Updated 6 months ago
- OWASP Cloud Security - Enabling conversations through threat and control stories☆182Dec 7, 2018Updated 7 years ago