cloudsecurityalliance / wg-DevSecOps
DevSecOps Working Group
☆12Updated 4 years ago
Related projects: ⓘ
- The Secure Cloud Architecture (SCA) is a location & cloud agnostic flexible and repeatable conceptual deployment pattern that can adapt f…☆15Updated 4 years ago
- A collection of 2020 artifacts describing the major pain points, vulnerabilities and concerns with Cloud Security.☆19Updated 3 years ago
- A collection of DoD and Federal Government Cloud Computing Resources☆47Updated 3 years ago
- ☆12Updated 3 years ago
- A ComplianceAsCode blog☆25Updated this week
- A collection of DevSecOps reference architectures☆62Updated 3 years ago
- AppSecPipeline Specification for DevOps automation.☆38Updated last year
- Labs for Threat Modelling training delivered by ControlPlane☆28Updated 4 months ago
- A continuous security pipeline demo for the AWS DevSecOps Workshop.☆45Updated 4 years ago
- DEPRECATED: A set of utilities for converting and working with compliance data for viewing in the heimdall applications☆35Updated 2 years ago
- ***MERGED: SEE README:*** The XCCDF to InSpec parser scans and extracts the controls defined in the DISA XCCDF STIG XML documents and con…☆11Updated 5 years ago
- CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.☆15Updated 3 years ago
- CloudSplaining on AWS Managed Policies☆41Updated this week
- ☆18Updated 2 years ago
- (WIP) A terraform / kitchen-terraform hardening baseline for the cis-aws-foundations-baseline☆24Updated 2 years ago
- Vulnerable Kustomize Kubernetes templates for training and education☆47Updated 2 years ago
- The Auditree framework tool to run compliance control checks as unit tests.☆59Updated last month
- NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations☆34Updated last month
- This repository will teach you have to do my talk "Pushing Left, Like a Boss".☆69Updated 2 years ago
- A repository containing OSCAL serializations of the CIS Critical Security Controls☆48Updated last year
- A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results…☆91Updated last month
- Ansible Playbooks for Security Automation with Ansible2 book☆96Updated 6 years ago
- Open source tool for processing OSCAL based FedRAMP SSPs☆36Updated 4 months ago
- OWASP Foundation Web Respository☆52Updated last year
- A public repository with scripts and tools for mass / automated onboarding of cloud accounts (AWS,Azure,GCP)☆23Updated 3 years ago
- Threat Modeling Manifesto☆24Updated 2 months ago
- GSA Security Benchmarks and Tools☆21Updated 5 years ago
- EXPERIMENTAL: a template builder for FedRAMP System Security Plans☆36Updated 4 years ago
- Machine readable cybersecurity compliance standards library for Python, starting with FISMA and NIST Risk Management Framework☆57Updated 4 years ago
- OWASP Foundation Web Respository☆26Updated last year