shenril / owasp-asvs-checklist
OWASP ASVS checklist for audits
☆186Updated 8 months ago
Related projects: ⓘ
- A simple web app that helps developers understand the ASVS requirements.☆153Updated 6 months ago
- ☆118Updated 10 months ago
- OWASP Cloud Security - Enabling conversations through threat and control stories☆175Updated 5 years ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆271Updated last week
- Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM☆185Updated 6 years ago
- This project is about creating and publishing threat model examples.☆402Updated 2 years ago
- materials we hand out☆127Updated last week
- SAMM stands for Software Assurance Maturity Model.☆396Updated 2 years ago
- threatspec - continuous threat modeling, through code☆327Updated 3 years ago
- Content for OWASP Summit 2017 site☆126Updated 3 years ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆102Updated 8 months ago
- Security Champions Playbook v 2.1☆341Updated 11 months ago
- Segment's Threat Modeling training for our engineers☆233Updated 3 years ago
- The Secure Coding Framework☆258Updated 4 years ago
- A Continuous Threat Modeling methodology☆303Updated 2 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆167Updated last year
- IriusRisk Community☆62Updated last year
- ☆30Updated 3 years ago
- Repo to hold mapping of user-security-stories☆112Updated 5 years ago
- Container Security Verification Standard☆57Updated 5 years ago
- ☆77Updated 3 years ago
- ☆101Updated this week
- An open source, online threat modelling tool from OWASP☆481Updated 2 months ago
- Security Payload Unit Test Repository (SPUTR)☆86Updated last year
- Open source security career ladders☆114Updated last year
- Automate security tests using Burp Suite.☆222Updated 3 months ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆476Updated last year
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆110Updated last year
- An application to assist in the organization and prioritization of software security activities.☆134Updated 3 years ago
- A checklist of practices for organizations dealing with account takeover (ATO)☆261Updated 3 years ago