globocom / huskyCI

Related projects ⓘ

Alternatives and complementary repositories for huskyCI

• ZupIT / horusec
  Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
  ☆1,147Updated this week
• insidersec / insider
  Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…
  ☆515Updated 2 years ago
• c0rdis / security-champions-playbook
  Security Champions Playbook v 2.1
  ☆347Updated last year
• Autodesk / continuous-threat-modeling
  A Continuous Threat Modeling methodology
  ☆311Updated 2 years ago
• OWASP / DevSecOpsGuideline
  The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
  ☆846Updated 3 months ago
• Threagile / threagile
  Agile Threat Modeling Toolkit
  ☆615Updated this week
• Checkmarx / kics
  Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…
  ☆2,083Updated this week
• threatspec / threatspec
  threatspec - continuous threat modeling, through code
  ☆332Updated 3 years ago
• aquasecurity / chain-bench
  An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…
  ☆726Updated 3 months ago
• AppThreat / sast-scan
  Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…
  ☆147Updated 4 years ago
• devsecopsmaturitymodel / DevSecOps-MaturityModel
  ☆492Updated last month
• americanexpress / earlybird
  EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdat…
  ☆709Updated 2 months ago
• ShiftLeftSecurity / sast-scan
  Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…
  ☆805Updated last year
• anchore / anchore-engine
  A service that analyzes docker images and scans for vulnerabilities
  ☆1,585Updated last year
• vchinnipilli / kubestriker
  A Blazing fast Security Auditing tool for Kubernetes
  ☆990Updated 7 months ago
• Skyscanner / whispers
  Identify hardcoded secrets in static structured text
  ☆476Updated last year
• threatcl / threatcl
  Documenting your Threat Models with HCL
  ☆400Updated 2 months ago
• aquasecurity / cloud-security-remediation-guides
  Security Remediation Guides
  ☆708Updated 3 weeks ago
• cyberark / KubiScan
  A tool to scan Kubernetes cluster for risky permissions
  ☆1,323Updated this week
• cider-security-research / top-10-cicd-security-risks
  ☆399Updated last year
• zaproxy / action-baseline
  A GitHub Action for running the ZAP Baseline scan
  ☆311Updated last month
• openclarity / openclarity
  OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure
  ☆1,346Updated this week
• OWASP / Docker-Security
  Getting a handle on container security
  ☆632Updated 11 months ago
• magnologan / awesome-k8s-security
  A curated list for Awesome Kubernetes Security resources
  ☆1,915Updated last year
• devops-kung-fu / bomber
  Scans Software Bill of Materials (SBOMs) for security vulnerabilities
  ☆509Updated this week
• OpenCSPM / opencspm
  Open Cloud Security Posture Management Engine
  ☆333Updated 2 years ago
• Legit-Labs / legitify
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆769Updated this week
• ajinabraham / njsscan
  njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
  ☆375Updated this week