Alternatives and similar repositories for gha-devsecops

Users that are interested in gha-devsecops are comparing it to the libraries listed below

• krol3 / workshop-cloud-native-security
  workshop about cloud-native security
  ☆71Updated 3 years ago
• jonrau1 / AWS-DevSecOps-Factory
  Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native ser…
  ☆73Updated 4 years ago
• OWASP / www-project-devsecops-guideline
  The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …
  ☆74Updated 3 weeks ago
• krol3 / devsecops-resources
  A list of resources blogs talks material about DevSecOps
  ☆99Updated 3 years ago
• tenable / KaiMonkey
  KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
  ☆105Updated last year
• aquasecurity / cloud-security-remediation-guides
  Security Remediation Guides
  ☆740Updated 3 weeks ago
• bksarthak / devsecops-book
  Repository for storing code for O'Reilly book
  ☆34Updated last year
• hysnsec / awesome-policy-as-code
  A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
  ☆197Updated last year
• devsecopsmaturitymodel / DevSecOps-MaturityModel
  ☆543Updated 2 weeks ago
• ayeks / devsecops-reference-architectures
  A collection of DevSecOps reference architectures
  ☆70Updated 4 years ago
• aws-samples / devsecops-cicd
  ☆93Updated 3 months ago
• OWASP / www-project-top-10-ci-cd-security-risks
  OWASP Foundation Web Respository
  ☆99Updated 3 weeks ago
• OWASP / www-project-devsecops-maturity-model
  OWASP Foundation Web Respository
  ☆56Updated 3 weeks ago
• cider-security-research / top-10-cicd-security-risks
  ☆418Updated 2 years ago
• ksoclabs / kube-goat
  A deliberately vulnerable Kubernetes cluster
  ☆129Updated last year
• OWASP / KubeLight
  OWASP Kubernetes security and compliance tool [WIP]
  ☆107Updated 2 years ago
• Vinum-Security / kubernetes-security-checklist
  Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, wor…
  ☆481Updated 3 years ago
• PaloAltoNetworks / prisma-cloud-scan
  GitHub action to scan container images with Palo Alto Networks' Prisma Cloud
  ☆59Updated 7 months ago
• trustoncloud / threatmodel-for-aws-s3
  Threat model for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach
  ☆158Updated 2 years ago
• chughes29 / state-of-cloud-security
  A collection of 2020 artifacts describing the major pain points, vulnerabilities and concerns with Cloud Security.
  ☆19Updated 4 years ago
• OWASP / www-project-kubernetes-top-ten
  OWASP Foundation Web Respository
  ☆595Updated 3 weeks ago
• hysnsec / awesome-sca
  A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.
  ☆107Updated 11 months ago
• rmkanda / tools
  Curated list of security tools
  ☆68Updated last year
• snyk-labs / snyk-cicd-integration-examples
  Examples of integrating the Snyk CLI into a CI/CD system
  ☆100Updated 11 months ago
• iacsecurity / tool-compare
  ☆285Updated 2 years ago
• Cybr-Inc / CloudSec
  Public repository of all things cloud security.
  ☆45Updated last year
• tenchi-security / camp
  CloudSplaining on AWS Managed Policies
  ☆44Updated last month
• brianlam38 / AWS-Certified-Security-Specialty
  AWS Certified Security Specialty (2020) course notes
  ☆122Updated 5 years ago
• tenable / cnappgoat
  CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.
  ☆289Updated last year
• arnica-ext / GitGoat
  GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfigurati…
  ☆170Updated 9 months ago