gorrion-io / production-readiness-checklistLinks
β24Updated 2 months ago
Alternatives and similar repositories for production-readiness-checklist
Users that are interested in production-readiness-checklist are comparing it to the libraries listed below
Sorting:
- ποΈ STRIDE vs. ASVS equivalence tableβ77Updated last year
- A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity programβ46Updated 3 weeks ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.β177Updated 11 months ago
- A tool to check the security settings of Github Organizations.β72Updated 2 years ago
- π§ͺ Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.β41Updated 10 months ago
- Awesome secure by default libraries to help you eliminate bug classes!β700Updated 6 months ago
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Secβ¦β304Updated 2 months ago
- Scans your Github Actions for security issuesβ86Updated last week
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environmentβ481Updated 4 months ago
- Gram is Klarna's own threat model diagramming toolβ327Updated last month
- Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and gitβ136Updated last week
- Runtime Security Solution for your CI/CD Pipelineβ110Updated 4 months ago
- β68Updated 3 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teamsβ47Updated 3 years ago
- OWASP Foundation Web Respositoryβ99Updated 3 weeks ago
- boostsecurityio/poutineβ341Updated last week
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflowsβ112Updated 2 weeks ago
- β93Updated 9 months ago
- A utility to (re-)import findings and language data into DefectDojoβ43Updated last year
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use β¦β74Updated 3 weeks ago
- Open-source best practices for protecting a secure, sensible cloud platformβ128Updated last year
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.β554Updated last month
- An IAM Simulator that outputs detailed explains of how a request was evaluated.β94Updated this week
- kntrl is an eBPF based runtime agent that monitors and prevents anomalous behaviour defined by you on your pipeline. kntrl achieves this β¦β120Updated last month
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.β111Updated last year
- AWS honey token managerβ89Updated last year
- Generate a score for your sbom to understand if it will actually be useful.β234Updated last year
- Segment's Threat Modeling training for our engineersβ245Updated 4 years ago
- PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicyShβ¦β60Updated 3 years ago
- Demonstrates how a malicious dependency could negatively impact the build output.β24Updated 2 years ago