kosli-dev / secure-sdlc-process-template

Related projects ⓘ

Alternatives and complementary repositories for secure-sdlc-process-template

• ncc-erik-steringer / Aerides
  An implementation of infrastructure-as-code scanning using dynamic tooling.
  ☆56Updated 2 years ago
• hashicorp-forge / grove
  A Software as a Service (SaaS) log collection framework.
  ☆130Updated 3 weeks ago
• slauth-io / slauth-cli
  CLI that scans directories for Cloud Provider SDK usage generates the IAM Policies/Permissions needed
  ☆73Updated last month
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆79Updated last week
• suzuki-shunsuke / tfprovidercheck
  CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…
  ☆75Updated this week
• ovotech / cloud-key-rotator
  A Golang program to rotate AWS & GCP account keys
  ☆65Updated 2 months ago
• StevenSmiley / aws-mine
  AWS honey token manager
  ☆84Updated 3 months ago
• yanilov / control-tags
  Scalable integrity framework for ABAC on AWS
  ☆29Updated last week
• gjyoung1974 / soc2-policy-templates
  Template SOC2 Policy Authority - documentation pipeline
  ☆99Updated 4 years ago
• someengineering / cloud-security-list
  A list of cloud security tools and vendors.
  ☆135Updated 2 months ago
• Rezonate-io / github-oidc-checker
  Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
  ☆57Updated last year
• common-fate / glide
  Automate permissions to your cloud and critical applications.
  ☆238Updated 8 months ago
• scribe-public / gitgat
  Evaluate source control (GitHub) security posture
  ☆249Updated last year
• welldone-cloud / aws-scps-for-sandbox-and-training-accounts
  ☆140Updated 4 months ago
• Addepar / RedFlag
  RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…
  ☆140Updated 2 weeks ago
• welldone-cloud / aws-lint-iam-policies
  ☆111Updated 2 weeks ago
• turbot / steampipe-mod-aws-perimeter
  Is your AWS perimeter secure? Use Powerpipe and Steampipe to check your AWS accounts for public resources, resources shared with untrust…
  ☆106Updated 3 weeks ago
• lirlia / prel
  prel(iminary) is an application that temporarily assigns Google Cloud IAM Roles and includes an approval process.
  ☆36Updated this week
• chughes757 / SecureSoftwareSupplyChain
  This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.
  ☆137Updated 2 years ago
• DataDog / grimoire
  Generate datasets of cloud audit logs for common attacks
  ☆183Updated 3 months ago
• TristanToye / SOC2-guide
  Documenting SOC 2 tools and processes
  ☆70Updated 2 years ago
• noqdev / iambic
  IAMbic is Version-Control for IAM. It centralizes and simplifies cloud access and permissions. It maintains an eventually consistent, hum…
  ☆285Updated 3 months ago
• JupiterOne / data-model
  ☆16Updated 6 months ago
• threatcl / threatcl
  Documenting your Threat Models with HCL
  ☆400Updated 2 months ago
• WithSecureLabs / IAMSpy
  ☆203Updated last month
• aidansteele / awsaccountcreds
  ☆22Updated last year
• tenable / KaiMonkey
  KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
  ☆96Updated 10 months ago
• Fennerr / PMapper
  A tool for quickly evaluating IAM permissions in AWS.
  ☆70Updated 5 months ago
• zmallen / cloudtrail2sightings
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆79Updated 2 years ago
• gojek / CureIAM
  Clean accounts over permissions in GCP infra at scale
  ☆71Updated last year