zaproxy / action-baseline

Related projects: ⓘ

• zaproxy / action-full-scan
  A GitHub Action for running the ZAP Full scan
  ☆268Updated 2 months ago
• zaproxy / action-api-scan
  A GitHub Action for running the ZAP API scan
  ☆50Updated 2 months ago
• snyk / actions
  A set of GitHub actions for checking your projects for vulnerabilities
  ☆505Updated last week
• bridgecrewio / checkov-action
  This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to ident…
  ☆238Updated this week
• Azure / container-scan
  A GitHub action to help you scan your docker image for vulnerabilities
  ☆218Updated last year
• GeekMasher / advanced-security-compliance
  GitHub Advance Security Compliance Action
  ☆131Updated last year
• ShiftLeftSecurity / sast-scan
  Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…
  ☆790Updated last year
• anchore / scan-action
  Anchore container analysis and scan provided as a GitHub Action
  ☆203Updated this week
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated 5 months ago
• devsecopsmaturitymodel / DevSecOps-MaturityModel
  ☆478Updated this week
• advanced-security / policy-as-code
  GitHub Advanced Security Policy as Code
  ☆67Updated last week
• aquasecurity / trivy-action
  Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities
  ☆774Updated this week
• NickLiffen / ghas-enablement
  A tool that aims to bulk automates the enablement of GitHub Code Scanning, Secret Scanning and Dependabot across multiple repositories.
  ☆153Updated 3 months ago
• snyk-labs / snyk-cicd-integration-examples
  Examples of integrating the Snyk CLI into a CI/CD system
  ☆78Updated 5 months ago
• step-security / harden-runner
  Network egress filtering and runtime security for GitHub-hosted and self-hosted runners
  ☆597Updated this week
• dependency-check / Dependency-Check_Action
  Github action to run dependency check
  ☆69Updated last month
• advanced-security / secret-scanning-custom-patterns
  Examples of Custom Secret Scanning Patterns
  ☆132Updated 2 months ago
• github / ossar-action
  Run multiple open source security static analysis tools without the added complexity with OSSAR (Open Source Static Analysis Runner).
  ☆94Updated 5 months ago
• checkmarx-ts / checkmarx-cxflow-github-action
  Checkmarx CxFlow GitHub Action with SARIF output
  ☆52Updated 2 weeks ago
• cider-security-research / top-10-cicd-security-risks
  ☆394Updated last year
• ossf / scorecard-action
  Official GitHub Action for OpenSSF Scorecard.
  ☆251Updated this week
• OWASP / www-project-top-10-ci-cd-security-risks
  OWASP Foundation Web Respository
  ☆79Updated 2 weeks ago
• threatspec / threatspec
  threatspec - continuous threat modeling, through code
  ☆327Updated 3 years ago
• reload / github-security-jira
  Github Action for integrating Security Alerts with JIRA
  ☆53Updated last week
• owaspsamm / sammwise
  NextJS-based single-page application for completing and reviewing SAMM assessments
  ☆67Updated last year
• snyk / awesome-snyk-community
  Awesome Snyk community contributions, champions, integrations, blogs, tools and more 💜
  ☆42Updated 2 years ago
• 42Crunch / api-security-audit-action
  ☆32Updated 3 weeks ago
• Skyscanner / whispers
  Identify hardcoded secrets in static structured text
  ☆480Updated 11 months ago
• github / ghas-jira-integration
  Synchronize GitHub Code Scanning alerts to Jira issues
  ☆81Updated last month
• triat / terraform-security-scan
  Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec
  ☆110Updated last year