Alternatives and similar repositories for awesome-dev-first-security

Users that are interested in awesome-dev-first-security are comparing it to the libraries listed below

• mario-platt / ASVS-Agile-Delivery-Guide
  ☆35Updated 4 years ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆65Updated 11 months ago
• lightspin-tech / red-bucket-gcp
  ☆10Updated 3 years ago
• gojek / CureIAM
  Clean accounts over permissions in GCP infra at scale
  ☆71Updated 2 years ago
• OWASP / Cloud-Native-Application-Security-Top-10
  ☆20Updated 6 years ago
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆21Updated 2 years ago
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆52Updated last year
• mtesauro / AppSecToolbox-tools
  Repo to hold the markdown-ified metadata on AppSec tools that are automation-friendly
  ☆12Updated 8 years ago
• Threagile / run-threagile-action
  GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file
  ☆13Updated last year
• JupiterOne / secops-automation-examples
  Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.
  ☆53Updated last year
• Frichetten / aws_api_shapeshifter
  A small library to alter AWS API requests; Used for fuzzing research
  ☆22Updated last year
• tldrrun / tools.tldr.run
  A curated list of security tools for Hackers & Builders!
  ☆99Updated 10 months ago
• DevSlop / pixi-crs
  CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.
  ☆15Updated 3 years ago
• stevespringett / owasp-risk-rating-calculator
  A Java library for programmatically calculating OWASP Risk Rating scores
  ☆18Updated 2 years ago
• claudijd / rotten_apple
  A tool for testing continuous integration (CI) or continuous delivery (CD) system security
  ☆23Updated 12 years ago
• zapbot / zap-mgmt-scripts
  ZAP Management Scripts
  ☆23Updated 2 weeks ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆76Updated 9 months ago
• KaanSK / go-epss
  A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).
  ☆28Updated 3 months ago
• riskprofiler / CloudFrontier
  Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…
  ☆124Updated last year
• ramimac / breach-list-database
  A meta-database collecting resources that compile lists of breaches
  ☆20Updated 7 months ago
• franksec42 / Vulnerability-management-maturity
  Maturity Model Collaborative project
  ☆15Updated 2 years ago
• vikrum / SecurityChecklists
  The SaaS CTO Security Checklist Redux, The DevOps Security Checklist, and The Personal Infosec & Security Checklist
  ☆25Updated 3 years ago
• duo-labs / appsec-education
  Presentations, training modules, and other education materials from Duo Security's Application Security team.
  ☆74Updated 3 years ago
• secmerc / materialize-threats
  ☆63Updated 2 years ago
• OpenSecuritySummit / oss-website
  The Open Security Summit is focused on the collaboration between, Developers and Application Security
  ☆45Updated 5 months ago
• darkbitio / tools
  Darkbit Cloud Security Tools
  ☆25Updated 4 years ago
• danielmiessler / athi
  ATHI — An AI Threat Modeling Framework for Policymakers
  ☆51Updated last year
• lightspin-tech / red-detector
  Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)
  ☆88Updated 2 years ago
• appsecco / owasp-threat-dragon-gitlab
  OWASP Threat Dragon with Gitlab Integration
  ☆27Updated 7 years ago
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated 7 months ago