hysnsec / awesome-sca
A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.
☆103, updated 3 months ago
Alternatives and similar repositories for awesome-sca:
Users that are interested in awesome-sca are comparing it to the libraries listed below
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use … (☆63, updated 9 months ago)
- Container Security Best Practices Checklist & Slides (☆67, updated 4 years ago)
- A comprehensive list of software composition analysis tools. (☆139, updated 9 months ago)
- Awesome resources about Security in Kubernetes (☆41, updated 2 years ago)
- (☆93, updated last month)
- OWASP Kubernetes security and compliance tool [WIP] (☆106, updated last year)
- The Open Security Summit is focused on the collaboration between Developers and Application Security (☆45, updated 2 months ago)
- A deliberately vulnerable Kubernetes cluster (☆124, updated last year)
- OWASP Foundation Web Repository (☆55, updated last year)
- Sharing software supply chain security open source projects (☆46, updated 2 years ago)
- Discover vulnerabilities and container image misconfiguration in production environments. (☆55, updated last week)
- Curating Falco rules with MITRE ATT&CK Matrix (☆77, updated last year)
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … (☆61, updated 8 months ago)
- A collection of DevSecOps reference architectures (☆66, updated 4 years ago)
- (☆237, updated 6 months ago)
- OWASP Foundation Web Repository (☆81, updated last month)
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… (☆131, updated last year)
- Damn Vulnerable Kubernetes App (DVKA) is a series of apps deployed on Kubernetes that are damn vulnerable. (☆126, updated last week)
- A utility to (re-)import findings and language data into DefectDojo (☆42, updated 5 months ago)
- A curated list of security tools for Hackers & Builders! (☆98, updated 7 months ago)
- A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code. (☆188, updated last year)
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system. (☆171, updated 3 months ago)
- Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, wor… (☆476, updated 3 years ago)
- OWASP Kubernetes Security Testing Guide (☆37, updated 6 months ago)
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs. (☆107, updated last year)
- Purposely vulnerable Java application to help lead secure coding workshops (☆178, updated 8 months ago)
- A collection of diagramming tools to help create DevOps/DevSecOps reference architectures (☆67, updated last year)
- A small tool to help developers understand a huge set of security requirements from appsec teams (☆45, updated 2 years ago)
- A tool to audit the Istio service mesh (☆173, updated 3 years ago)
- Kubernetes Pwnage for all (☆56, updated 4 years ago)