hysnsec / awesome-policy-as-code
A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
☆179Updated 9 months ago
Related projects: ⓘ
- This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.☆136Updated 2 years ago
- A list of cloud security tools and vendors.☆124Updated 2 weeks ago
- Documenting your Threat Models with HCL☆397Updated 2 weeks ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆93Updated 9 months ago
- Evaluate source control (GitHub) security posture☆248Updated last year
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆169Updated 3 weeks ago
- ☆108Updated last month
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆165Updated 7 months ago
- Open Cloud Security Posture Management Engine☆332Updated 2 years ago
- OWASP Foundation Web Respository☆79Updated 2 weeks ago
- The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the…☆40Updated last year
- ☆276Updated last year
- A deliberately vulnerable Kubernetes cluster☆117Updated 9 months ago
- Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native ser…☆66Updated 3 years ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated 11 months ago
- Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates ho…☆91Updated last month
- ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach☆148Updated 11 months ago
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.☆264Updated 2 weeks ago
- A library of rules for Conftest used to detect misconfigurations within Terraform configuration files☆191Updated 2 years ago
- AWS Organizations Service Control Policies (SCPs) written in HashiCorp Terraform.☆229Updated 11 months ago
- A curated list of resources about detecting threats and defending Kubernetes systems.☆355Updated last year
- ☆106Updated 3 months ago
- A tool to check the security settings of Github Organizations.☆68Updated last year
- Automate permissions to your cloud and critical applications.☆237Updated 7 months ago
- An AWS IAM policy statement parser and query tool.☆153Updated 7 months ago
- An open project to list all publicly known cloud vulnerabilities and CSP security issues☆303Updated last month
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆55Updated last year
- Trivy's misconfiguration scanning engine☆213Updated 5 months ago
- Kickstart and manage your AWS Organization via Terraform☆49Updated last month
- Compares and analyzes GCP IAM roles.☆76Updated 3 months ago