☆424Jan 18, 2023Updated 3 years ago
Alternatives and similar repositories for top-10-cicd-security-risks
Users that are interested in top-10-cicd-security-risks are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.☆2,222Jul 14, 2024Updated last year
- OWASP Foundation Web Respository☆104Dec 22, 2025Updated 3 months ago
- Threat matrix for CI/CD Pipeline☆762Jul 8, 2024Updated last year
- Automating situational awareness for cloud penetration tests.☆2,340Updated this week
- AWSGoat : A Damn Vulnerable AWS Infrastructure☆2,000May 20, 2025Updated 10 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- This is a step-by-step guide to implementing a DevSecOps program for any size organization☆2,039Dec 21, 2024Updated last year
- A PoC to Simulate Ransomware Attack on AWS Environment☆33Oct 14, 2024Updated last year
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,626Apr 12, 2026Updated last week
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment☆502Jun 27, 2025Updated 9 months ago
- Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, wor…☆486Dec 13, 2021Updated 4 years ago
- Granular, Actionable Adversary Emulation for the Cloud☆2,292Apr 9, 2026Updated last week
- ☆573Updated this week
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆110Jan 16, 2024Updated 2 years ago
- AWS SSO serverless phishing API.☆32Jun 30, 2021Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆22May 4, 2023Updated 2 years ago
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.☆1,052Jan 5, 2026Updated 3 months ago
- OWASP Foundation Web Respository☆608Mar 24, 2026Updated 3 weeks ago
- This repo has been replaced by https://www.cloudvulndb.org☆727Jun 29, 2022Updated 3 years ago
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- Checklist for container security - devsecops practices☆1,617Sep 15, 2025Updated 7 months ago
- Multi-Cloud Security Auditing Tool☆7,625Sep 23, 2025Updated 6 months ago
- GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati…☆173Jan 24, 2025Updated last year
- GitHub Actions Pipeline Enumeration and Attack Tool☆742Mar 26, 2026Updated 3 weeks ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…☆727Nov 14, 2025Updated 5 months ago
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on p…☆5,596Updated this week
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆54Mar 4, 2026Updated last month
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,136Mar 30, 2026Updated 2 weeks ago
- An encyclopedia for offensive and defensive security knowledge in cloud native technologies.☆2,625Apr 6, 2026Updated last week
- A repository of breaches of AWS customers☆802Mar 30, 2026Updated 2 weeks ago
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆3,541Updated this week
- Ultimate DevSecOps library☆6,694Mar 5, 2026Updated last month
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,806Apr 6, 2026Updated last week
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Vulnerable app with examples showing how to not use secrets☆1,423Updated this week
- Supply Chain Security Research - Living Off The Pipeline tools☆149Updated this week
- ☆233Dec 18, 2025Updated 4 months ago
- Application Security Verification Standard☆3,401Mar 17, 2026Updated last month
- Redis Security Map - Anti-hacking for Redis☆31Mar 11, 2022Updated 4 years ago
- A tool to check the security settings of Github Organizations.☆75Feb 9, 2026Updated 2 months ago
- A reading list for software supply-chain security.☆365Nov 21, 2022Updated 3 years ago