fortify / CloudDevSecOpsTemplates
Templates to integrate Fortify application security testing with Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP) and Oracle Cloud Infrastructure (OCI)
☆16Updated 4 months ago
Alternatives and similar repositories for CloudDevSecOpsTemplates:
Users that are interested in CloudDevSecOpsTemplates are comparing it to the libraries listed below
- A collection of DevSecOps reference architectures☆67Updated 4 years ago
- ☆41Updated last month
- ThreatModel for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based app…☆58Updated last year
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆61Updated 9 months ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆53Updated last year
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆69Updated 10 months ago
- Cloud Offensive Breach and Risk Assessment (COBRA) Tool☆88Updated last month
- OWASP Foundation Web Respository☆55Updated last year
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆66Updated 9 months ago
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects☆27Updated last month
- ☆20Updated last week
- ☆41Updated last year
- OWASP Foundation Web Respository☆44Updated 6 months ago
- A self assessment tool to help understand your level in the SANS Vulnerability Management Maturity Model (VMMM).☆32Updated 3 weeks ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆58Updated last year
- A full insecure kubernetes application for testing security tools☆70Updated this week
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆91Updated last year
- GCP GOAT is the vulnerable application for learn the GCP Security☆64Updated last year
- Controls Assessment Specification☆69Updated this week
- Cross cloud workload identity research and workshops☆36Updated last week
- https://breaches.cloud☆38Updated 5 months ago
- Public repository of all things cloud security.☆41Updated 6 months ago
- Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, and more acros…☆58Updated last month
- Threat Modeling Manifesto☆28Updated 8 months ago
- A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.☆62Updated 4 years ago
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆50Updated this week
- Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI☆43Updated 5 years ago
- This provides a guided step by step walkthrough for threat modeling with MITRE ATT&CK Framework☆27Updated last month
- OWASP Foundation Web Respository☆30Updated 2 years ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.☆105Updated 5 months ago