Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for security devsecops
devsecops
x
security
x
218 search results found
Dockerfile Security
⭐
88
Static security checker for Dockerfiles
Awesome Mlsecops
⭐
86
A curated list of MLSecOps tools, articles and other resources on security applied to Machine Learning and MLOps systems.
Deeptracy
⭐
84
The Security Dependency Orchestrator Service
Django Security Check
⭐
78
Helps you continuously monitor and fix common security vulnerabilities in your Django application.
Kubelight
⭐
76
OWASP Kubernetes security and compliance tool [WIP]
Purify
⭐
76
All-in-one tool for managing vulnerability reports from AppSec pipelines
Intercept
⭐
74
INTERCEPT / Policy as Code Auditing / SAST for Code & APIs
Aws Container Devsecops Workshop
⭐
73
This workshop is designed to help attendees understand the security concerns of container images and learn how to create a devsecops pipeline for securely building and releasing images.
Bridgecrew Action
⭐
72
This GitHub Action runs Bridgecrew against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
Devopssecuritychecklist
⭐
68
Azdevopssecurity
⭐
68
Security considerations and guidelines for Azure DevOps and Azure
Log4j Cve 2021 44228
⭐
58
Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)
Steampipe Postgres Fdw
⭐
57
The Steampipe foreign data wrapper (FDW) is a zero-ETL product that provides Postgres foreign tables which translate queries into API calls to cloud services and APIs. It's bundled with Steampipe and also available as a set of standalone extensions for use in your own Postgres database.
Lotus
⭐
56
⚡ Fast Web Security Scanner written in Rust based on Lua Scripts 🌖 🦀
Brainiac
⭐
53
BrainIAC uses static code analysis to analyze IAC code to detect security issues before deployment. This tool can scan for issues like security policy misconfigurations, insecure cloud-based services, and compliance issues.
Introspector
⭐
52
A schema and set of tools for using SQL to query cloud infrastructure.
Snyk Security Scanner Plugin
⭐
52
Test and monitor your projects for vulnerabilities with Jenkins. This plugin is officially maintained by Snyk.
Tarian
⭐
52
Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runtime processes monitoring, automated actions based on configure-actions, analytics, alerting and also sharing detections with community. Maybe save from Ransomware. Shift-Left your threat detection. Shift Right threat elimination.
Awesome Devsecops_ru
⭐
50
Подборка выступлений и публикаций на тему DevSecOps на русском и не только)
Falco_extended_rules
⭐
49
Curating Falco rules with MITRE ATT&CK Matrix
Ochrona Cli
⭐
48
A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
Tel It Security Automation
⭐
46
Deutsche Telekom IT GmbH (DevSecOps Team): Project for Security & Compliance Automation
Hungryfox
⭐
43
Monitoring for leaks of sensitive information in git repositories
Security Automation With Ansible 2
⭐
42
Ansible Playbooks for Security Automation with Ansible2 book
Holisticinfosec For Webdevelopers Fascicle0
⭐
40
📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚
Steampipe Sqlite
⭐
39
Steampipe SQLite is a zero-ETL engine for SQLite. Virtual tables translate queries into live API calls for cloud services and APIs. Hundreds of plugins with thousands of documented examples.
Iac Scan Runner
⭐
38
Service that scans your Infrastructure as Code for common vulnerabilities
Action Api Scan
⭐
37
A GitHub Action for running the ZAP API scan
Gitavscan
⭐
36
Git Anti-Virus Scan Action - Detect trojans, viruses, malware & other malicious threats.
Tools
⭐
36
Curated list of security tools
Aws Devsecops Factory
⭐
34
Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native services
Aws Devsecops Workshop
⭐
33
A continuous security pipeline demo for the AWS DevSecOps Workshop.
Eks Creation Engine
⭐
33
The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the CISO to facilitate the creation and enablement of secure EKS Clusters.
Sbomasm
⭐
32
SBOM Assembler - A tool to compose your various sboms into a single sbom.
Reapsaw
⭐
32
Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple programming languages.
Aws Security Services With Terraform
⭐
30
Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform
Wardley Maps
⭐
30
A repository for wardley maps related to security topics.
Gdprdpiat
⭐
30
A GDPR Data Protection Impact Assessment (DPIA) tool to assist organisations to evaluate data protection risks with respect to the EU's General Data Protection Regulation. 🇪🇺
Safe_to_run
⭐
29
A library to help verify the security of your android application
Secure Pipeline Java Demo
⭐
28
Devsecops Reference Architectures
⭐
27
A collection of DevSecOps reference architectures
Vulnerableapp4apisecurity
⭐
26
This repository was developed using .NET 7.0 API technology based on findings listed in the OWASP 2019 API Security Top 10.
Secusphere
⭐
26
Efficient DevSecOps
Apicheck
⭐
25
Apisec Run Scan
⭐
24
This action triggers on-demand scans for projects registered in APIsec.
Perimeterator
⭐
24
'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.
Fortify Plugin
⭐
23
Fortify Jenkins plugin
Ai Threat Modeling Action
⭐
22
AI featured threat modeling and security review action
Actions Secrets
⭐
22
Adding this GitHub Action will scan your repository for sensitive data in your source code. We find things like passwords, server host strings, API keys, .env and config files and more
Contrast Java Webgoat Docker
⭐
22
Contrast Security Instrumentation for Dockerized Webgoat, with lab instructions.
Sbom4python
⭐
21
A tool to generate a SBOM (Software Bill of Materials) for an installed Python module
Mapi Action
⭐
21
🤖 Run a Mayhem for API scan in GitHub Actions
Securecodebox V2
⭐
21
This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.
Dongtai Plugin Idea
⭐
21
Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.
Sonar Cloudformation Plugin
⭐
20
Sonarqube cloudformation plugin, IaC security supports cfn-nag/checkov
Security Presentations
⭐
18
Collection of my presentations on various topics like application security, python, cloud security, DevSecOps and so on...
Security Benchmarks
⭐
16
GSA Security Benchmarks and Tools
Holisticinfosec For Webdevelopers Fascicle1
⭐
16
📚 VPS 🔒 Network 🔒 Cloud 🔒 Web Applications 📚
Pyraider
⭐
15
Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.
Aegis4j
⭐
14
A Java agent that disables platform features you don't use, before an attacker uses them against you.
Bytesafe Ce
⭐
13
Bytesafe Community Edition is a security platform that protects organizations from open source software supply chain attacks.
Nuclei Plugin
⭐
13
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.
Secr
⭐
12
Application security made easy
Docktor
⭐
12
Docktor is a Web App that deploys an easy-to-use kit of analysis and scanning tools.
Devops Architect Bootcamp
⭐
12
DevOps Boot Camp
Mixewaybackend
⭐
12
Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayBackend project contains source code of backend with all plugin integrations writer in Spring Boot.
Heimdall Mongo
⭐
11
A Mongo-based version of Heimdall (Deprecated)
Actions Code
⭐
11
A GitHub Action for using SecureStack to analyse a repository codebase for vulnerabilities in library dependencies (software composition analysis).
Repo Visibility Alert Action
⭐
11
Action that alerts org owners of a repository made public. See upcoming `repo-visibility-toggle-sms-action` to toggle it back via SMS reply.
Redjoust
⭐
11
A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Written in nodeJS and Electron.
Actions Log4j
⭐
11
A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.
Ess Gitlab
⭐
10
Scanner for Gitlab Security Mis-Configurations
Contrast Continuous Application Security Plugin
⭐
10
Jenkins Plugin from Contrast Security
Chatcve
⭐
10
ChatCVE is an app using the Langchain SQL Language Tool to give a LLM prompt experience to CVE and SBOM DevSecOps Triage Data
Prismacloud Demo
⭐
10
Complete CNAPP Demo using Prisma Cloud
Wgnetwork
⭐
10
WGNetwork. Managing a WireGuard®-based Private Secured Network and NFTables Firewall
Awesome Dev First Security
⭐
9
A curated collection of tools and resources for building security with a developer first approach.
Awesome Gcpsec
⭐
9
Watchdog
⭐
9
Watchdog allows to define custom hooks in YAML format. When attached to the official repository, some of these can serve as a way to enforce policy by rejecting certain commits or branches.
Secure Go Backend Clean Architecture
⭐
9
Project that provides DevSecOps best practices on the Go Backend Clean Architecture
Devsecops Template
⭐
9
Set of security tools that can be integrated in Jenkins pipelines.
Remove Secrets
⭐
9
for remove secrets workshop
Fortify On Demand Uploader Plugin
⭐
8
Fortify on Demand Uploader
Webscripts
⭐
8
This tool runs scripts and display the result in a Web Interface.
Playbook
⭐
8
Coordination is key to success and originates from experiments that begin with manual operations and later get automated to scale. Playbook helps with this process and provides an automation framework to support this maturation process.
Kapparmor
⭐
8
AppArmor profiles loader to deploy and update them through a Kubernetes daemonset
Luminous Onion
⭐
7
Luminous Onion is a cutting-edge web application designed to revolutionize vulnerability management by seamlessly ingesting security reports from a variety of 3rd party tools. With its intuitive interface and powerful features, Luminous Onion empowers organizations to take charge of their cybersecurity posture like never before.
Secure Devex22
⭐
7
Demo repository for my talk at the Heise Developer Experience 2022 conference.
Cast
⭐
7
CAST is an API security tool for analyzing Kubernetes API traffic for authentication vulnerabilities such as reused credentials.
Devsecops Vault
⭐
7
Collection of roadmaps, tools, best practice, resources about DevSecOps
Appscan Plugin
⭐
7
Credential Detector
⭐
7
An easy-to-use and highly configurable tool that allows you to scan projects to detect potentially hard-coded credentials.
Devsecopsdays Melb
⭐
7
Holisticinfosec For Webdevelopers Fascicle2
⭐
7
📚 IoT 🔒 Mobile 📚
Website
⭐
7
Sources for DevSecOps talks podcast website - join the discussion
Veracodecommunitysca
⭐
6
Seamlessly integrate Veracode Agent-Based SCA scans with Azure DevOps build or release pipelines.
Devsecops
⭐
6
Implementing security in Devops
Mixewayfrontend
⭐
6
Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayFrontend contains source code of GUI created in Angular 8 and based on ngxadmin framework.
Cyber_compendium
⭐
6
A one stop shop for all cyber tooling, frameworks and hacking methodologies
Cxray
⭐
6
Tracing security events in container with BPF
Related Searches
Security Vulnerabilities (12,295)
Laravel Security (11,580)
Php Security (10,611)
Javascript Security (2,859)
Java Security (2,531)
Html Security (2,284)
Python Security (1,733)
Golang Security (1,316)
Shell Security (1,213)
Security Penetration Testing (920)
101-200 of 218 search results
< Previous
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.