gorrion-io / production-readiness-checklistLinks
β23Updated 3 weeks ago
Alternatives and similar repositories for production-readiness-checklist
Users that are interested in production-readiness-checklist are comparing it to the libraries listed below
Sorting:
- OWASP Foundation Web Respositoryβ97Updated 7 months ago
- ποΈ STRIDE vs. ASVS equivalence tableβ76Updated last year
- A tool to check the security settings of Github Organizations.β72Updated 2 years ago
- Scans your Github Actions for security issuesβ83Updated last week
- Gram is Klarna's own threat model diagramming toolβ324Updated last month
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.β176Updated 9 months ago
- π§ͺ Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.β40Updated 8 months ago
- AI featured threat modeling and security review actionβ45Updated 9 months ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.β108Updated last year
- A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity programβ41Updated last month
- boostsecurityio/poutineβ309Updated last week
- Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and gitβ107Updated last week
- Script to audit GitHub Action Workflow files for potential vulnerabilities.β156Updated last year
- A tool for preventing the installation of malicious npm and PyPI packagesβ158Updated this week
- HashiCorp-relevant rules for the Semgrep code analysis toolβ41Updated last year
- Awesome secure by default libraries to help you eliminate bug classes!β699Updated 4 months ago
- β121Updated this week
- A utility to (re-)import findings and language data into DefectDojoβ43Updated 11 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teamsβ47Updated 3 years ago
- β66Updated last month
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environmentβ479Updated 2 months ago
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Secβ¦β300Updated 2 weeks ago
- Demonstrates how a malicious dependency could negatively impact the build output.β24Updated 2 years ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use β¦β71Updated last year
- Runtime Security Solution for your CI/CD Pipelineβ108Updated 2 months ago
- Security Champions Playbook v 2.1β378Updated last year
- Cumulus. Threat modeling the Clouds.β39Updated 11 months ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs andβ¦β152Updated 9 months ago
- Segment's Threat Modeling training for our engineersβ245Updated 4 years ago
- β124Updated last year