Awesome Open Source

Programming Languages

Search results for security devsecops

218 search results found

Dockerfile Security ⭐ 88

Static security checker for Dockerfiles

Awesome Mlsecops ⭐ 86

A curated list of MLSecOps tools, articles and other resources on security applied to Machine Learning and MLOps systems.

Deeptracy ⭐ 84

The Security Dependency Orchestrator Service

Django Security Check ⭐ 78

Helps you continuously monitor and fix common security vulnerabilities in your Django application.

Kubelight ⭐ 76

OWASP Kubernetes security and compliance tool [WIP]

All-in-one tool for managing vulnerability reports from AppSec pipelines

Intercept ⭐ 74

INTERCEPT / Policy as Code Auditing / SAST for Code & APIs

Aws Container Devsecops Workshop ⭐ 73

This workshop is designed to help attendees understand the security concerns of container images and learn how to create a devsecops pipeline for securely building and releasing images.

Bridgecrew Action ⭐ 72

This GitHub Action runs Bridgecrew against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.

Devopssecuritychecklist ⭐ 68

Azdevopssecurity ⭐ 68

Security considerations and guidelines for Azure DevOps and Azure

Log4j Cve 2021 44228 ⭐ 58

Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)

Steampipe Postgres Fdw ⭐ 57

The Steampipe foreign data wrapper (FDW) is a zero-ETL product that provides Postgres foreign tables which translate queries into API calls to cloud services and APIs. It's bundled with Steampipe and also available as a set of standalone extensions for use in your own Postgres database.

⚡ Fast Web Security Scanner written in Rust based on Lua Scripts 🌖 🦀

Brainiac ⭐ 53

BrainIAC uses static code analysis to analyze IAC code to detect security issues before deployment. This tool can scan for issues like security policy misconfigurations, insecure cloud-based services, and compliance issues.

Introspector ⭐ 52

A schema and set of tools for using SQL to query cloud infrastructure.

Snyk Security Scanner Plugin ⭐ 52

Test and monitor your projects for vulnerabilities with Jenkins. This plugin is officially maintained by Snyk.

Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runtime processes monitoring, automated actions based on configure-actions, analytics, alerting and also sharing detections with community. Maybe save from Ransomware. Shift-Left your threat detection. Shift Right threat elimination.

Awesome Devsecops_ru ⭐ 50

Подборка выступлений и публикаций на тему DevSecOps на русском и не только)

Falco_extended_rules ⭐ 49

Curating Falco rules with MITRE ATT&CK Matrix

Ochrona Cli ⭐ 48

A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs

Tel It Security Automation ⭐ 46

Deutsche Telekom IT GmbH (DevSecOps Team): Project for Security & Compliance Automation

Hungryfox ⭐ 43

Monitoring for leaks of sensitive information in git repositories

Security Automation With Ansible 2 ⭐ 42

Ansible Playbooks for Security Automation with Ansible2 book

Holisticinfosec For Webdevelopers Fascicle0 ⭐ 40

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

Steampipe Sqlite ⭐ 39

Steampipe SQLite is a zero-ETL engine for SQLite. Virtual tables translate queries into live API calls for cloud services and APIs. Hundreds of plugins with thousands of documented examples.

Iac Scan Runner ⭐ 38

Service that scans your Infrastructure as Code for common vulnerabilities

Action Api Scan ⭐ 37

A GitHub Action for running the ZAP API scan

Gitavscan ⭐ 36

Git Anti-Virus Scan Action - Detect trojans, viruses, malware & other malicious threats.

Curated list of security tools

Aws Devsecops Factory ⭐ 34

Sample DevSecOps pipelines (heavily biased on the "Sec") for various stacks and tools using open-source security tools and AWS native services

Aws Devsecops Workshop ⭐ 33

A continuous security pipeline demo for the AWS DevSecOps Workshop.

Eks Creation Engine ⭐ 33

The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the CISO to facilitate the creation and enablement of secure EKS Clusters.

SBOM Assembler - A tool to compose your various sboms into a single sbom.

Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple programming languages.

Aws Security Services With Terraform ⭐ 30

Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform

Wardley Maps ⭐ 30

A repository for wardley maps related to security topics.

Gdprdpiat ⭐ 30

A GDPR Data Protection Impact Assessment (DPIA) tool to assist organisations to evaluate data protection risks with respect to the EU's General Data Protection Regulation. 🇪🇺

Safe_to_run ⭐ 29

A library to help verify the security of your android application

Secure Pipeline Java Demo ⭐ 28

Devsecops Reference Architectures ⭐ 27

A collection of DevSecOps reference architectures

Vulnerableapp4apisecurity ⭐ 26

This repository was developed using .NET 7.0 API technology based on findings listed in the OWASP 2019 API Security Top 10.

Secusphere ⭐ 26

Efficient DevSecOps

Apicheck ⭐ 25

Apisec Run Scan ⭐ 24

This action triggers on-demand scans for projects registered in APIsec.

Perimeterator ⭐ 24

'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.

Fortify Plugin ⭐ 23

Fortify Jenkins plugin

Ai Threat Modeling Action ⭐ 22

AI featured threat modeling and security review action

Actions Secrets ⭐ 22

Adding this GitHub Action will scan your repository for sensitive data in your source code. We find things like passwords, server host strings, API keys, .env and config files and more

Contrast Java Webgoat Docker ⭐ 22

Contrast Security Instrumentation for Dockerized Webgoat, with lab instructions.

Sbom4python ⭐ 21

A tool to generate a SBOM (Software Bill of Materials) for an installed Python module

Mapi Action ⭐ 21

🤖 Run a Mayhem for API scan in GitHub Actions

Securecodebox V2 ⭐ 21

This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.

Dongtai Plugin Idea ⭐ 21

Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.

Sonar Cloudformation Plugin ⭐ 20

Sonarqube cloudformation plugin, IaC security supports cfn-nag/checkov

Security Presentations ⭐ 18

Collection of my presentations on various topics like application security, python, cloud security, DevSecOps and so on...

Security Benchmarks ⭐ 16

GSA Security Benchmarks and Tools

Holisticinfosec For Webdevelopers Fascicle1 ⭐ 16

📚 VPS 🔒 Network 🔒 Cloud 🔒 Web Applications 📚

Pyraider ⭐ 15

Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.

A Java agent that disables platform features you don't use, before an attacker uses them against you.

Bytesafe Ce ⭐ 13

Bytesafe Community Edition is a security platform that protects organizations from open source software supply chain attacks.

Nuclei Plugin ⭐ 13

Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.

Application security made easy

Docktor is a Web App that deploys an easy-to-use kit of analysis and scanning tools.

Devops Architect Bootcamp ⭐ 12

DevOps Boot Camp

Mixewaybackend ⭐ 12

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayBackend project contains source code of backend with all plugin integrations writer in Spring Boot.

Heimdall Mongo ⭐ 11

A Mongo-based version of Heimdall (Deprecated)

Actions Code ⭐ 11

A GitHub Action for using SecureStack to analyse a repository codebase for vulnerabilities in library dependencies (software composition analysis).

Repo Visibility Alert Action ⭐ 11

Action that alerts org owners of a repository made public. See upcoming `repo-visibility-toggle-sms-action` to toggle it back via SMS reply.

Redjoust ⭐ 11

A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Written in nodeJS and Electron.

Actions Log4j ⭐ 11

A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.

Ess Gitlab ⭐ 10

Scanner for Gitlab Security Mis-Configurations

Contrast Continuous Application Security Plugin ⭐ 10

Jenkins Plugin from Contrast Security

ChatCVE is an app using the Langchain SQL Language Tool to give a LLM prompt experience to CVE and SBOM DevSecOps Triage Data

Prismacloud Demo ⭐ 10

Complete CNAPP Demo using Prisma Cloud

Wgnetwork ⭐ 10

WGNetwork. Managing a WireGuard®-based Private Secured Network and NFTables Firewall

Awesome Dev First Security ⭐ 9

A curated collection of tools and resources for building security with a developer first approach.

Awesome Gcpsec ⭐ 9

Watchdog allows to define custom hooks in YAML format. When attached to the official repository, some of these can serve as a way to enforce policy by rejecting certain commits or branches.

Secure Go Backend Clean Architecture ⭐ 9

Project that provides DevSecOps best practices on the Go Backend Clean Architecture

Devsecops Template ⭐ 9

Set of security tools that can be integrated in Jenkins pipelines.

Remove Secrets ⭐ 9

for remove secrets workshop

Fortify On Demand Uploader Plugin ⭐ 8

Fortify on Demand Uploader

Webscripts ⭐ 8

This tool runs scripts and display the result in a Web Interface.

Coordination is key to success and originates from experiments that begin with manual operations and later get automated to scale. Playbook helps with this process and provides an automation framework to support this maturation process.

Kapparmor ⭐ 8

AppArmor profiles loader to deploy and update them through a Kubernetes daemonset

Luminous Onion ⭐ 7

Luminous Onion is a cutting-edge web application designed to revolutionize vulnerability management by seamlessly ingesting security reports from a variety of 3rd party tools. With its intuitive interface and powerful features, Luminous Onion empowers organizations to take charge of their cybersecurity posture like never before.

Secure Devex22 ⭐ 7

Demo repository for my talk at the Heise Developer Experience 2022 conference.

CAST is an API security tool for analyzing Kubernetes API traffic for authentication vulnerabilities such as reused credentials.

Devsecops Vault ⭐ 7

Collection of roadmaps, tools, best practice, resources about DevSecOps

Appscan Plugin ⭐ 7

Credential Detector ⭐ 7

An easy-to-use and highly configurable tool that allows you to scan projects to detect potentially hard-coded credentials.

Devsecopsdays Melb ⭐ 7

Holisticinfosec For Webdevelopers Fascicle2 ⭐ 7

📚 IoT 🔒 Mobile 📚

Sources for DevSecOps talks podcast website - join the discussion

Veracodecommunitysca ⭐ 6

Seamlessly integrate Veracode Agent-Based SCA scans with Azure DevOps build or release pipelines.

Devsecops ⭐ 6

Implementing security in Devops

Mixewayfrontend ⭐ 6

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayFrontend contains source code of GUI created in Angular 8 and based on ngxadmin framework.

Cyber_compendium ⭐ 6

A one stop shop for all cyber tooling, frameworks and hacking methodologies

Tracing security events in container with BPF

Related Searches

Security Vulnerabilities (12,295)

Laravel Security (11,580)

Php Security (10,611)

Javascript Security (2,859)

Java Security (2,531)

Html Security (2,284)

Python Security (1,733)

Golang Security (1,316)

Shell Security (1,213)

Security Penetration Testing (920)

101-200 of 218 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.