dependency-check / Dependency-Check_Action
Github action to run dependency check
☆77Updated 8 months ago
Alternatives and similar repositories for Dependency-Check_Action:
Users that are interested in Dependency-Check_Action are comparing it to the libraries listed below
- Count distinct contributor of Snyk watched repos across several SCM☆32Updated 10 months ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆107Updated last year
- Checkmarx CxFlow GitHub Action with SARIF output☆53Updated 3 months ago
- Examples of integrating the Snyk CLI into a CI/CD system☆87Updated 4 months ago
- OWASP Foundation Web Respository☆82Updated 3 months ago
- GitHub Advance Security Compliance Action☆133Updated 2 years ago
- Exports vulnerability scan data from the Checkmarx SAST platform for use in analytical tools.☆19Updated 5 months ago
- ☆284Updated 2 years ago
- A tool to check the security settings of Github Organizations.☆71Updated last year
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆171Updated 5 months ago
- GitHub Advanced Security Policy as Code☆82Updated last week
- A utility to (re-)import findings and language data into DefectDojo☆43Updated 7 months ago
- Discover vulnerabilities and container image misconfiguration in production environments.☆55Updated last month
- ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach☆153Updated last year
- GitHub actions of KICS scan - Keeping Infrastructure as Code Secure☆48Updated this week
- Publishes BOMs to Dependency-Track from GitHub Actions☆53Updated 6 months ago
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).☆143Updated last year
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆66Updated 10 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆62Updated 10 months ago
- Examples of Custom Secret Scanning Patterns☆159Updated 2 months ago
- The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the…☆40Updated 2 years ago
- Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organizat…☆39Updated last year
- Generate a score for your sbom to understand if it will actually be useful.☆229Updated 8 months ago
- Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native ser…☆68Updated 3 years ago
- CloudSplaining on AWS Managed Policies☆41Updated this week
- PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…☆59Updated 3 years ago
- ☆102Updated this week
- GitHub action to scan container images with Palo Alto Networks' Prisma Cloud☆57Updated last month
- A small tool to help developers understand a huge set of security requirements from appsec teams☆45Updated 2 years ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated last year