rusakovichma / TicTaaCLinks
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for chart plotting are used
β68Updated 5 months ago
Alternatives and similar repositories for TicTaaC
Users that are interested in TicTaaC are comparing it to the libraries listed below
Sorting:
- A small tool to help developers understand a huge set of security requirements from appsec teamsβ47Updated 3 years ago
- ποΈ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.β75Updated last year
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.β178Updated last week
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projectsβ99Updated 2 months ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.β110Updated last year
- β124Updated 2 years ago
- The Open Security Summit is focused on the collaboration between, Developers and Application Securityβ45Updated 5 months ago
- β114Updated 2 years ago
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different soβ¦β52Updated 3 weeks ago
- A framework for understanding the capabilities of automated detection methods at identifying classes of application security vulnerabilitβ¦β32Updated 3 weeks ago
- InfoSec OpenAI Examplesβ19Updated 2 years ago
- OWASP Foundation Web Respositoryβ100Updated this week
- AI featured threat modeling and security review actionβ45Updated last year
- A project to visualize the software supply chainβ55Updated 2 years ago
- β20Updated 3 years ago
- Maturity Model Collaborative projectβ15Updated 2 years ago
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projectsβ34Updated 9 months ago
- β87Updated 4 years ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.β105Updated 2 years ago
- GCP GOAT is the vulnerable application for learn the GCP Securityβ70Updated 7 months ago
- β63Updated 6 months ago
- β69Updated 5 months ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.β77Updated 4 years ago
- Protect against subdomain takeoverβ94Updated 5 months ago
- Create notes during a security code review in VSCode π Import your favorite SAST tool findings π οΈ and collaborate with others π€β140Updated last month
- Systematic Universal Security Testing Orchestrationβ37Updated 3 years ago
- Clean accounts over permissions in GCP infra at scaleβ71Updated 2 years ago
- β44Updated 2 months ago
- Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.β48Updated 9 years ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accountsβ61Updated 2 years ago