cycodehq / cycode-cli
Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning
☆85 Updated this week
Related projects
Alternatives and complementary repositories for cycode-cli
- Runtime Security Solution for your CI/CD Pipeline ☆88 Updated 2 months ago
- Tool to achieve policy driven vetting of open source dependencies ☆234 Updated this week
- A utility to (re-)import findings and language data into DefectDojo ☆42 Updated last month
- OWASP Dependency Track API client for integration into CI/CD pipeline ☆51 Updated 3 months ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system. ☆169 Updated this week
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ☆126 Updated 9 months ago
- OWASP Foundation Web Repository ☆79 Updated 2 months ago
- OWASP Kubernetes security and compliance tool [WIP] ☆104 Updated last year
- SBOM quality score - Quality metrics for your sboms ☆186 Updated this week
- Generate a score for your sbom to understand if it will actually be useful. ☆221 Updated 3 months ago
- SecObserve is an open source vulnerability management system for software development and cloud environments. It supports a variety of op… ☆97 Updated this week
- Publishes BOMs to Dependency-Track from GitHub Actions ☆47 Updated last month
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use … ☆61 Updated 5 months ago
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities ☆516 Updated this week
- The security workflow engine! ☆73 Updated this week
- A compilation of resources in the software supply chain security domain, with emphasis on open source ☆291 Updated last year
- MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management. ☆156 Updated this week
- Enrich SBOMs with data from third party services ☆120 Updated this week
- Utility that provides an API platform for validating, querying and managing BOM data ☆95 Updated this week
- Tool for collecting vulnerability data from various sources (used to build the grype database) ☆75 Updated this week
- A full insecure kubernetes application for testing security tools ☆54 Updated this week
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment ☆443 Updated last month
- CI/CD Security Analyzer ☆626 Updated last month
- Github action to run dependency check ☆71 Updated 3 months ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs. ☆104 Updated 10 months ago
- Damn Vulnerable SCA Application ☆15 Updated last month
- Incubating project for decoupling responsibilities from Dependency-Track's monolithic API server into separate, scalable services. ☆61 Updated this week
- boostsecurityio/poutine ☆232 Updated this week
- Curating Falco rules with MITRE ATT&CK Matrix ☆74 Updated 8 months ago
- A standard API specification for exchanging supply chain artifacts and intelligence ☆59 Updated this week