Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for devsecops
devsecops
x
402 search results found
Cdkgoat
⭐
34
CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Kubviz
⭐
34
Visualize Kubernetes & DevSecOps Workflows. Tracks changes/events real-time across your entire K8s clusters, git repos, container registries, SBOM, Vulnerability foot print, etc. , analyzing their effects and providing you with the context you need to troubleshoot efficiently. Get the Observability you need, easily.
Tictaac
⭐
34
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for chart plotting are used
Aws Devsecops Factory
⭐
34
Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native services
Eks Creation Engine
⭐
33
The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the CISO to facilitate the creation and enablement of secure EKS Clusters.
Aws Devsecops Workshop
⭐
33
A continuous security pipeline demo for the AWS DevSecOps Workshop.
Reapsaw
⭐
32
Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple programming languages.
Devsecops Example
⭐
32
Example implementation of the GSA DevSecOps Pipeline
Sbomasm
⭐
32
SBOM Assembler - A tool to compose your various sboms into a single sbom.
Nacp
⭐
32
Admission Controller as a proxy for Nomad. Define OPA rules for validation and mutation or plugin remotes
Caracara
⭐
32
Developer enhancements (DX) for FalconPy, the CrowdStrike Python SDK
Task Ninja
⭐
31
Ultimate Tasks Automation Framework for Hackers, DevSecOps, Pentesters, and Bug-bounty hunters!
Faraday_agent_dispatcher
⭐
30
Faraday Agent Dispatcher launches any security tools and send results to Faradaysec Platform.
Gdprdpiat
⭐
30
A GDPR Data Protection Impact Assessment (DPIA) tool to assist organisations to evaluate data protection risks with respect to the EU's General Data Protection Regulation. 🇪🇺
Wardley Maps
⭐
30
A repository for wardley maps related to security topics.
Faraday Cli
⭐
30
Faraday's Command Line Interface
Aws Security Services With Terraform
⭐
30
Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform
Nginx Declarative Api
⭐
30
Declarative REST API and GitOps automation layer for NGINX Instance Manager
Aws Pipeline
⭐
29
Build a CI/CD for Microservices and Serverless Functions in AWS ☁️
Safe_to_run
⭐
29
A library to help verify the security of your android application
Cybersecurity Devsecops
⭐
29
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about DevSecOps in Cybersecurity.
Ploigos Software Factory Operator
⭐
28
Secure Pipeline Java Demo
⭐
28
Pwn
⭐
28
PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.
Devops Culture
⭐
27
Ideas & concepts that will help you become a great devops
Clinv
⭐
27
DevSecOps command line asset inventory tool
Devsecops Reference Architectures
⭐
27
A collection of DevSecOps reference architectures
Offat
⭐
27
Tests your API automatically for common API vulnerabilities. Project is still Work In Progress. PRs are appreciated.
Secusphere
⭐
26
Efficient DevSecOps
Vulnerableapp4apisecurity
⭐
26
This repository was developed using .NET 7.0 API technology based on findings listed in the OWASP 2019 API Security Top 10.
Privapi
⭐
25
Detect Sensitive REST API communication using Deep Neural Networks
Apicheck
⭐
25
Devsecops
⭐
25
Perimeterator
⭐
24
'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.
Pythonsecuritypipeline
⭐
24
DevSecOps pipeline for Python based project using Jenkins, Ansible, AWS, and open-source security tools and checks.
Multi Tenancy
⭐
24
Multi-tenancy assets for IBM clients to build SaaS
Apisec Run Scan
⭐
24
This action triggers on-demand scans for projects registered in APIsec.
Fortify Plugin
⭐
23
Fortify Jenkins plugin
Devops Infra Demo
⭐
23
Growing repository of Infrastructure as Code demos (initially created for DevOps Wall Street)
Secobserve
⭐
22
SecObserve is an open source vulnerability management system for software development teams that supports a variety of open source vulnerability scanners and integrates easily into CI/CD pipelines.
Contrast Java Webgoat Docker
⭐
22
Contrast Security Instrumentation for Dockerized Webgoat, with lab instructions.
Actions Secrets
⭐
22
Adding this GitHub Action will scan your repository for sensitive data in your source code. We find things like passwords, server host strings, API keys, .env and config files and more
Ai Threat Modeling Action
⭐
22
AI featured threat modeling and security review action
F5 Hybrid Security Architectures
⭐
21
Example hybrid security architectures utilizing DevSecOps principles to deploy F5 Distributed Cloud WAAP in conjunction with the F5 product portfolio.
Learningdevopsukraine
⭐
21
LearningDevOpsUkraine
Securecodebox V2
⭐
21
This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.
Sbom4python
⭐
21
A tool to generate a SBOM (Software Bill of Materials) for an installed Python module
Stackql Provider Registry
⭐
21
Registry for cloud and SaaS providers for StackQL, generated from extensions to the providers OpenAPI3 specification
Mapi Action
⭐
21
🤖 Run a Mayhem for API scan in GitHub Actions
Dongtai Plugin Idea
⭐
21
Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.
Sonar Cloudformation Plugin
⭐
20
Sonarqube cloudformation plugin, IaC security supports cfn-nag/checkov
Njsscan Action
⭐
20
nodejsscan Github Action
Fortifyvulnerabilityexporter
⭐
20
Export Fortify vulnerability data to GitHub, GitLab, SonarQube and more
Pipeline Templates
⭐
18
A catalog of templates for installing and managing different CI/CD technologies.
Kdt
⭐
18
CLI to interact with Kondukto
Github Action Gitleaks
⭐
18
This GitHub Action allows you to run Gitleaks in your GitHub workflow.
Alldaysecops
⭐
18
Devsecops Workshop
⭐
18
Security Presentations
⭐
18
Collection of my presentations on various topics like application security, python, cloud security, DevSecOps and so on...
Dojo 101
⭐
17
Base de connaissances et cheatsheets cybersécurité
Dohq Ai Best Practices
⭐
17
Внедрение и эксплуатация PT Application Inspector. Подробнее: https://habr.com/ru/company/pt/blog/557142/
Cybercloudlearning
⭐
17
Repo for Cybercloud Tutorials hosted at cybercloud.guru
Ado Course
⭐
16
Code repository for Mastering YAML pipelines Udemy course
Sbomdiff
⭐
16
This tool compares two Software Bill of Materials (SBOMs) and reports the differences.
Devsecops Workshop Dashboard
⭐
16
Openshift Devsecops
⭐
16
The merger of the CI/CD demos, provisioning, and DevSecOps workshop content into a single repo, built on OCP 4.x
Security Benchmarks
⭐
16
GSA Security Benchmarks and Tools
Holisticinfosec For Webdevelopers Fascicle1
⭐
16
📚 VPS 🔒 Network 🔒 Cloud 🔒 Web Applications 📚
Actions All In One
⭐
15
All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all!
Helm Charts
⭐
15
Akeyless Kubernetes Helm charts
Pyraider
⭐
15
Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.
Sslchecker
⭐
15
SSLChecker is a serverless API written in Python and running on Azure Functions. SSLChecker is used to identify obsolete versions of SSL/TLS (e.g., SSL 3.0, and TLS 1.0/1.1), or perform a full scan to identify all supported versions of SSL/TLS on an endpoint.
Cyberhall
⭐
15
🛡️ 🌐 🥷🏻 Everything CyberSecurity Related 🏴☠️ 👾 🕵🏾
Sbomgr
⭐
14
SBOM Grep - search through SBOMs
Aegis4j
⭐
14
A Java agent that disables platform features you don't use, before an attacker uses them against you.
Firebolt
⭐
13
A platform to create, catalog and deploy tests for tools such as Gauntlt, AttackIQ and Metasploit.
Devsecops Workshop On Aws
⭐
13
In this workshop we will build a pipeline for a sample WordPress site in a stack. We will explore how to validate, lint and test templates, and dive deeper in tools that help you enforce compliance and network analysis, together with your development pipeline, for a full DevSecOps CI/CD.
Devsquad Accelerators
⭐
13
Index repo listing all DevSquad accelerators templates, workshops, and hacks.
Bytesafe Ce
⭐
13
Bytesafe Community Edition is a security platform that protects organizations from open source software supply chain attacks.
Nuclei Plugin
⭐
13
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.
Mixewaybackend
⭐
12
Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayBackend project contains source code of backend with all plugin integrations writer in Spring Boot.
Sysadmin
⭐
12
the flow of time is always cruel
Secr
⭐
12
Application security made easy
Workshop Devsecops
⭐
12
La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps básico.
Devops Architect Bootcamp
⭐
12
DevOps Boot Camp
Docktor
⭐
12
Docktor is a Web App that deploys an easy-to-use kit of analysis and scanning tools.
Horusec Action
⭐
11
It's a Horusec Action proof of concept
Aws Codepipeline Devsecops Amazoneks
⭐
11
This solution provides an overview of DevSecOps CICD Pipeline Implementation using AWS DevOps Services and other tools
Heimdall Mongo
⭐
11
A Mongo-based version of Heimdall (Deprecated)
Sigsci_site_manager
⭐
11
Signal Sciences Site Manager
Repo Visibility Alert Action
⭐
11
Action that alerts org owners of a repository made public. See upcoming `repo-visibility-toggle-sms-action` to toggle it back via SMS reply.
Lib4sbom
⭐
11
Library to ingest and generate SBOMs
Kubnerable
⭐
11
🔭 Kubernetes out-cluster vulnerability scanner
Actions Code
⭐
11
A GitHub Action for using SecureStack to analyse a repository codebase for vulnerabilities in library dependencies (software composition analysis).
Redjoust
⭐
11
A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Written in nodeJS and Electron.
Devsecops Capability Model
⭐
11
A capability modelling and visualisation tool for those on the DevSecOps journey
Auditree Arboretum
⭐
11
The Auditree common fetchers, checks and harvest reports library.
Devops
⭐
11
Blogseries on DevOps
Container Security Steps
⭐
11
Docker and Kubernetes security talk to help you create, build, test, and run safer in containers
Devsecops Ekk Stack
⭐
11
Terraform that builds an EKK logging stack
201-300 of 402 search results
< Previous
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.