djschleen / devsecops-architecture-tools

Related projects ⓘ

Alternatives and complementary repositories for devsecops-architecture-tools

• hysnsec / awesome-policy-as-code
  A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
  ☆181Updated 11 months ago
• ayeks / devsecops-reference-architectures
  A collection of DevSecOps reference architectures
  ☆64Updated 3 years ago
• hysnsec / awesome-sca
  A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.
  ☆98Updated 5 months ago
• OWASP / www-project-devsecops-guideline
  The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …
  ☆61Updated 4 months ago
• OWASP / www-project-devsecops-maturity-model
  OWASP Foundation Web Respository
  ☆54Updated last year
• OWASP / www-project-top-10-ci-cd-security-risks
  OWASP Foundation Web Respository
  ☆79Updated 2 months ago
• lightspin-tech / eks-creation-engine
  The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the…
  ☆40Updated last year
• tenable / KaiMonkey
  KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
  ☆96Updated 10 months ago
• jonrau1 / AWS-DevSecOps-Factory
  Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native ser…
  ☆67Updated 3 years ago
• aws-samples / network-access-analyzer-multi-account-analysis
  Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organizat…
  ☆36Updated last year
• Quobis / action-owasp-dependecy-track-check
  Github action to generate BoM and upload to OWASP dependency track for vulnerability analysis
  ☆37Updated last month
• OWASP / OpenCRE
  ☆79Updated this week
• primeharbor / breaches.cloud
  https://breaches.cloud
  ☆36Updated 3 weeks ago
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆169Updated 8 months ago
• controlplaneio / threat-modelling-labs
  Labs for Threat Modelling training delivered by ControlPlane
  ☆28Updated 6 months ago
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆69Updated last year
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆55Updated 4 months ago
• SeisoLLC / easy_infra
  A docker container to simplify and secure the use of Infrastructure as Code (IaC)
  ☆68Updated this week
• elastisys / security-review
  ☆16Updated 2 years ago
• snyk-labs / snyk-cicd-integration-examples
  Examples of integrating the Snyk CLI into a CI/CD system
  ☆80Updated 7 months ago
• marco-lancini / k8s-lab-plz
  Modular Kubernetes lab which provides an easy and streamlined way to deploy a test cluster with support for different components.
  ☆52Updated 10 months ago
• iacsecurity / tool-compare
  ☆278Updated last year
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆54Updated last week
• JupiterOne / secops-automation-examples
  Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.
  ☆53Updated 10 months ago
• IBM / sbom-utility
  This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility
  ☆61Updated last year
• magnologan / gha-devsecops
  DevSecOps Pipeline using SAST + DAST and SCA tools
  ☆58Updated last year