Alternatives and similar repositories for production-readiness-checklist

Users that are interested in production-readiness-checklist are comparing it to the libraries listed below

• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆76Updated 9 months ago
• mario-platt / ASVS-Agile-Delivery-Guide
  ☆35Updated 4 years ago
• xvnpw / ai-threat-modeling-action
  AI featured threat modeling and security review action
  ☆44Updated 6 months ago
• luisfontes19 / orgsec-guide
  A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity program
  ☆36Updated last week
• secmerc / materialize-threats
  ☆63Updated 2 years ago
• OpenSecuritySummit / project-ASVS-User-Stories
  ☆19Updated 3 years ago
• SecurityRunners / CloudCommotion
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆144Updated 11 months ago
• jdyke / gcp-iam-analyzer
  Compares and analyzes GCP IAM roles.
  ☆77Updated 2 months ago
• tldrsec / awesome-secure-defaults
  Awesome secure by default libraries to help you eliminate bug classes!
  ☆692Updated last month
• zmallen / cloudtrail2sightings
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆80Updated 2 years ago
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆172Updated 6 months ago
• gojek / CureIAM
  Clean accounts over permissions in GCP infra at scale
  ☆71Updated 2 years ago
• OWASP / OpenCRE
  ☆108Updated last week
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆71Updated last year
• WTFender / cf-lambda-public-url-prohibited
  Detect publicly accessible Lambda Function URLs in your AWS account
  ☆9Updated 3 years ago
• MaibornWolff / dd-import
  A utility to (re-)import findings and language data into DefectDojo
  ☆43Updated 8 months ago
• Checkmarx / capital
  A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…
  ☆292Updated last year
• OWASP / www-project-devsecops-guideline
  The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …
  ☆66Updated 11 months ago
• snyk-labs / github-actions-scanner
  Scans your Github Actions for security issues
  ☆73Updated 3 weeks ago
• opengrep / opengrep-rules
  ☆68Updated 4 months ago
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆39Updated 5 months ago
• scribe-public / gitgat
  Evaluate source control (GitHub) security posture
  ☆250Updated 2 years ago
• OWASP / www-project-top-10-ci-cd-security-risks
  OWASP Foundation Web Respository
  ☆94Updated 4 months ago
• Toreon / threat-model-playbook
  ☆88Updated 3 years ago
• Whitespots-OU / security-requirements-generator
  A small tool to help developers understand a huge set of security requirements from appsec teams
  ☆45Updated 2 years ago
• CloudWanderer-io / PolicyGlass
  PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…
  ☆59Updated 3 years ago
• github / audit-actions-workflow-runs
  Audit your GitHub Actions workflow runs to see exactly which Actions were downloaded
  ☆68Updated this week
• google / gke-auditor
  ☆74Updated 4 years ago
• OWASP / threat-modeling-playbook
  ☆33Updated 3 years ago
• segmentio / threat-modeling-training
  Segment's Threat Modeling training for our engineers
  ☆243Updated 4 years ago