gorrion-io / production-readiness-checklist
โ23Updated 5 months ago
Alternatives and similar repositories for production-readiness-checklist:
Users that are interested in production-readiness-checklist are comparing it to the libraries listed below
- ๐๏ธ STRIDE vs. ASVS equivalence tableโ75Updated 5 months ago
- AI featured threat modeling and security review actionโ43Updated 3 months ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accountsโ60Updated last year
- A full insecure kubernetes application for testing security toolsโ66Updated this week
- Demonstrates how a malicious dependency could negatively impact the build output.โ25Updated last year
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.โ171Updated 3 months ago
- โ36Updated 3 years ago
- ๐งช Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.โ38Updated 2 months ago
- โ93Updated this week
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.โ107Updated last year
- Scans your Github Actions for security issuesโ57Updated this week
- HashiCorp-relevant rules for the Semgrep code analysis toolโ39Updated last year
- A small tool to help developers understand a huge set of security requirements from appsec teamsโ45Updated 2 years ago
- OWASP Foundation Web Respositoryโ81Updated last month
- A utility to (re-)import findings and language data into DefectDojoโ42Updated 4 months ago
- Security tool against dependency typosquatting attacksโ39Updated last week
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflowsโ82Updated last week
- Awesome secure by default libraries to help you eliminate bug classes!โ680Updated 3 months ago
- A curated list of awesome GraphQL Security frameworks, libraries, software and resourcesโ319Updated last year
- Runtime Security Solution for your CI/CD Pipelineโ95Updated this week
- Cloud Commotion intends to cause chaos to simulate security incidentsโ143Updated 8 months ago
- Adaptive AWS Zero Trust Policy made easy: Auto-generate least-privilege policies based on user activity in real time! Accelerate the adopโฆโ76Updated 9 months ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use โฆโ62Updated 8 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. โฆโ61Updated 7 months ago
- Enrich SBOMs with data from third party servicesโ158Updated last week
- Curating Falco rules with MITRE ATT&CK Matrixโ77Updated 11 months ago
- boostsecurityio/poutineโ254Updated last week
- A tool to check the security settings of Github Organizations.โ71Updated last year
- โ82Updated 3 years ago