fortify / FortifyVulnerabilityExporter
Export Fortify vulnerability data to GitHub, GitLab, SonarQube and more
☆23 Updated 3 months ago
Related projects:
- A walkthrough of security controls for a serverless architecture via a demo application ☆11 Updated 2 years ago
- Offensive Terraform Website ☆44 Updated 3 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … ☆54 Updated 2 months ago
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure ☆42 Updated 8 months ago
- Take this course to learn how to create fine-grained, least-privilege HashiCorp Vault roles for GitHub Action workflows using GitHub OIDC… ☆13 Updated 5 months ago
- ☆30 Updated this week
- WAF bypass PoC ☆43 Updated 11 months ago
- The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the… ☆40 Updated last year
- Discover vulnerabilities and container image misconfiguration in production environments. ☆53 Updated 2 weeks ago
- Tool that checks for misconfigured access to GitHub OIDC from AWS roles and GCP service accounts ☆56 Updated last year
- Clean accounts over permissions in GCP infra at scale ☆70 Updated last year
- An AWS IAM policy statement parser and query tool. ☆153 Updated 7 months ago
- Efficient DevSecOps ☆47 Updated 5 months ago
- For use in our Tenable.IO to AWS Security Hub integration ☆27 Updated last week
- ☆31 Updated last year
- An implementation of infrastructure-as-code scanning using dynamic tooling. ☆56 Updated 2 years ago
- ☆110 Updated 3 months ago
- A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials. ☆98 Updated 3 months ago
- ZAP Management Scripts ☆20 Updated last week
- Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning … ☆41 Updated 3 months ago
- CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how commo… ☆43 Updated last year
- Cloud Security Posture security policies ☆29 Updated last week
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management. ☆29 Updated 5 months ago
- Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/) ☆87 Updated last year
- Mixeway is a security orchestrator for vulnerability scanners which enables easy plug-in integration with CICD pipelines. MixewayHub project… ☆107 Updated 6 months ago
- OWASP Foundation Web Repository ☆10 Updated last year
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters. ☆56 Updated 6 months ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use … ☆58 Updated 3 months ago
- OWASP Foundation Web Repository ☆37 Updated 2 weeks ago
- Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti… ☆54 Updated 4 months ago