hp271 / awesome-dev-first-securityLinks
A curated collection of tools and resources for building security with a developer first approach.
☆28Updated 2 years ago
Alternatives and similar repositories for awesome-dev-first-security
Users that are interested in awesome-dev-first-security are comparing it to the libraries listed below
Sorting:
- Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.☆54Updated last year
- A project to visualize the software supply chain☆51Updated last year
- DefectDojo Community Content☆18Updated last month
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆21Updated 2 years ago
- ☆20Updated 6 years ago
- Repo to hold the markdown-ified metadata on AppSec tools that are automation-friendly☆12Updated 9 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆65Updated 3 weeks ago
- ☆16Updated 2 years ago
- ☆10Updated 3 years ago
- The Open Security Summit is focused on the collaboration between, Developers and Application Security☆45Updated last week
- Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…☆126Updated last year
- ☆35Updated 4 years ago
- Sharing software supply chain security open source projects☆50Updated 2 years ago
- Sample code snippets for consuming the CloudSploit API☆13Updated last year
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.☆64Updated 5 years ago
- Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug☆10Updated 5 years ago
- The SaaS CTO Security Checklist Redux, The DevOps Security Checklist, and The Personal Infosec & Security Checklist☆25Updated 4 years ago
- Policy Pipeline : place an SDLC around your compliance documentation with a pipeline that renders policy-as-code to human friendly format…☆11Updated 4 years ago
- A carefully curated list of open source projects aimed at improving your AWS security posture!☆30Updated 3 years ago
- ☆24Updated 3 years ago
- A curated list of security tools for Hackers & Builders!☆100Updated 11 months ago
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆74Updated 4 years ago
- Dockerfile Security Checker using OPA Rego policies with Conftest☆60Updated 3 years ago
- A MAL language that demonstrates the Maven project structure☆23Updated 3 years ago
- Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple …☆41Updated 4 years ago
- Bhadra is a Vulnerability Management Platform to handle all security issues☆14Updated 2 months ago
- GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file☆13Updated last year
- A Java library for programmatically calculating OWASP Risk Rating scores☆18Updated 2 years ago
- Key risk indicator (KRI) for risk management and business strategy☆28Updated 3 months ago