hp271 / awesome-dev-first-securityLinks
A curated collection of tools and resources for building security with a developer first approach.
☆28Updated 2 years ago
Alternatives and similar repositories for awesome-dev-first-security
Users that are interested in awesome-dev-first-security are comparing it to the libraries listed below
Sorting:
- ☆35Updated 4 years ago
- Kubernetes Security Testing Guide☆26Updated last year
- A curated list of security tools for Hackers & Builders!☆100Updated 11 months ago
- Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.☆21Updated 2 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆65Updated last year
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- ☆10Updated 3 years ago
- Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…☆125Updated last year
- ☆20Updated 6 years ago
- ☆24Updated 3 years ago
- The Open Security Summit is focused on the collaboration between, Developers and Application Security☆45Updated 6 months ago
- Systematic Universal Security Testing Orchestration☆37Updated 3 years ago
- OSCAL SSP content for technologies shipped by Red Hat☆15Updated 2 years ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.☆64Updated 5 years ago
- A project to visualize the software supply chain☆51Updated last year
- CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.☆15Updated 4 years ago
- Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…☆31Updated 2 years ago
- Offensive Terraform Website☆45Updated 4 years ago
- Updated incident response generator for training classes☆44Updated 4 years ago
- The Open Security Summit 2020 is focused on the collaboration between, Developers and Application Security☆26Updated 4 years ago
- a tool to audit the istio service mesh☆173Updated 3 years ago
- 🖇️ STRIDE vs. ASVS equivalence table☆76Updated 10 months ago
- Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.☆53Updated last year
- Dockerfile Security Checker using OPA Rego policies with Conftest☆60Updated 2 years ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆74Updated 3 years ago
- Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple …☆41Updated 4 years ago
- ☆16Updated 2 years ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 3 years ago
- Collect, curate, and communicate relevant security metrics for open source projects.☆63Updated last year
- Threat Modeling Manifesto☆28Updated 11 months ago