Alternatives and similar repositories for awesome-dev-first-security

Users that are interested in awesome-dev-first-security are comparing it to the libraries listed below

• mario-platt / ASVS-Agile-Delivery-Guide
  ☆35Updated 4 years ago
• OWASP / kstg
  Kubernetes Security Testing Guide
  ☆26Updated last year
• tldrrun / tools.tldr.run
  A curated list of security tools for Hackers & Builders!
  ☆100Updated 11 months ago
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆21Updated 2 years ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆65Updated last year
• gojek / CureIAM
  Clean accounts over permissions in GCP infra at scale
  ☆71Updated 2 years ago
• lightspin-tech / red-bucket-gcp
  ☆10Updated 3 years ago
• riskprofiler / CloudFrontier
  Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…
  ☆125Updated last year
• OWASP / Cloud-Native-Application-Security-Top-10
  ☆20Updated 6 years ago
• OWASP / Application-Security-Curriculum
  ☆24Updated 3 years ago
• OpenSecuritySummit / oss-website
  The Open Security Summit is focused on the collaboration between, Developers and Application Security
  ☆45Updated 6 months ago
• BBVA / susto
  Systematic Universal Security Testing Orchestration
  ☆37Updated 3 years ago
• ComplianceAsCode / oscal
  OSCAL SSP content for technologies shipped by Red Hat
  ☆15Updated 2 years ago
• darkarnium / perimeterator
  'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.
  ☆64Updated 5 years ago
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆51Updated last year
• DevSlop / pixi-crs
  CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.
  ☆15Updated 4 years ago
• we45 / orchestron-community
  Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…
  ☆31Updated 2 years ago
• offensive-terraform / offensive-terraform.github.io
  Offensive Terraform Website
  ☆45Updated 4 years ago
• disruptops / IncidentResponseGenerator
  Updated incident response generator for training classes
  ☆44Updated 4 years ago
• OpenSecuritySummit / oss2020
  The Open Security Summit 2020 is focused on the collaboration between, Developers and Application Security
  ☆26Updated 4 years ago
• praetorian-inc / snowcat
  a tool to audit the istio service mesh
  ☆173Updated 3 years ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆76Updated 10 months ago
• JupiterOne / secops-automation-examples
  Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.
  ☆53Updated last year
• madhuakula / docker-security-checker
  Dockerfile Security Checker using OPA Rego policies with Conftest
  ☆60Updated 2 years ago
• duo-labs / appsec-education
  Presentations, training modules, and other education materials from Duo Security's Application Security team.
  ☆74Updated 3 years ago
• dowjones / reapsaw
  Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple …
  ☆41Updated 4 years ago
• elastisys / security-review
  ☆16Updated 2 years ago
• ncc-erik-steringer / Aerides
  An implementation of infrastructure-as-code scanning using dynamic tooling.
  ☆56Updated 3 years ago
• ossf / Project-Security-Metrics
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Updated last year
• Threat-Modeling-Manifesto / threat-modeling-manifesto
  Threat Modeling Manifesto
  ☆28Updated 11 months ago