Alternatives and similar repositories for production-readiness-checklist

Users that are interested in production-readiness-checklist are comparing it to the libraries listed below

• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆76Updated 10 months ago
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆173Updated 7 months ago
• luisfontes19 / orgsec-guide
  A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity program
  ☆40Updated last week
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆71Updated 2 years ago
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆39Updated 7 months ago
• secmerc / materialize-threats
  ☆66Updated 2 years ago
• klarna-incubator / gram
  Gram is Klarna's own threat model diagramming tool
  ☆322Updated this week
• edgeroute / security-champion-framework
  The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
  ☆108Updated last year
• xvnpw / ai-threat-modeling-action
  AI featured threat modeling and security review action
  ☆44Updated 8 months ago
• step-security / github-actions-goat
  GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment
  ☆477Updated 3 weeks ago
• mario-platt / ASVS-Agile-Delivery-Guide
  ☆35Updated 4 years ago
• OWASP / www-project-top-10-ci-cd-security-risks
  OWASP Foundation Web Respository
  ☆97Updated 5 months ago
• jeremylong / malicious-dependencies
  Demonstrates how a malicious dependency could negatively impact the build output.
  ☆24Updated last year
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆306Updated 2 weeks ago
• Checkmarx / capital
  A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…
  ☆294Updated last year
• AppSecure-nrw / security-belts
  ☆110Updated last year
• tldrsec / awesome-secure-defaults
  Awesome secure by default libraries to help you eliminate bug classes!
  ☆698Updated 2 months ago
• segmentio / threat-modeling-training
  Segment's Threat Modeling training for our engineers
  ☆244Updated 4 years ago
• snyk-labs / github-actions-scanner
  Scans your Github Actions for security issues
  ☆77Updated last week
• OWASP / OpenCRE
  ☆116Updated this week
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆110Updated last week
• owaspsamm / sammwise
  NextJS-based single-page application for completing and reviewing SAMM assessments
  ☆76Updated 2 years ago
• CycodeLabs / cimon-action
  Runtime Security Solution for your CI/CD Pipeline
  ☆106Updated last month
• smithy-security / smithy
  The security workflow engine!
  ☆118Updated this week
• Checkmarx / 2ms
  Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git
  ☆94Updated last week
• opengrep / opengrep-rules
  ☆76Updated 5 months ago
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆123Updated last year
• apiiro / malicious-code-ruleset
  Focused malicious code detection ruleset, with a high protection-to-noise ratio
  ☆122Updated 4 months ago
• Rezonate-io / github-oidc-checker
  Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
  ☆61Updated 2 years ago
• oracle / macaron
  Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD …
  ☆160Updated last week