dominikdesmit / owasp-secrets-management
The OWASP best practices and guidelines for Secrets Management
β8Updated 5 years ago
Related projects β
Alternatives and complementary repositories for owasp-secrets-management
- β61Updated last year
- ποΈ STRIDE vs. ASVS equivalence tableβ75Updated 3 months ago
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).β138Updated 8 months ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.β62Updated 5 years ago
- Segment's Threat Modeling training for our engineersβ238Updated 3 years ago
- Repository for the Open Information Security Risk Universe��β63Updated 2 years ago
- Open Cloud Security Posture Management Engineβ335Updated 2 years ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.β169Updated this week
- ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approachβ151Updated last year
- Example detection of compromise credentials in AWSβ119Updated 6 years ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.β104Updated 10 months ago
- Deliberately vulnerable AWS resources for security assessment demosβ31Updated 2 years ago
- β121Updated last year
- OWASP Cloud Security - Enabling conversations through threat and control storiesβ177Updated 5 years ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestratβ¦β274Updated last week
- AppSecPipeline Specification for DevOps automation.β38Updated last year
- Documenting your Threat Models with HCLβ401Updated 2 months ago
- AI featured threat modeling and security review actionβ40Updated this week
- Resource types that can be publicly exposed on AWSβ317Updated 2 years ago
- Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.β46Updated 7 years ago
- PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicyShβ¦β58Updated 2 years ago
- List of vendors that do not allow IMDSv2 enforcementβ142Updated 6 months ago
- Be notified in the event of a new GCP Organization Policy being released.β24Updated this week
- β28Updated 8 months ago
- Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.β53Updated 10 months ago
- Red Team Scripts for AWS.β166Updated 4 years ago
- InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmarkβ77Updated 5 months ago
- β82Updated 4 years ago
- Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulneβ¦β31Updated 2 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.β109Updated 4 years ago