🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
SBOM quality score - Quality metrics for your sboms
CLI component of OWASP PurpleTeam
Comprehensive set of Terraform coding standards designed for enterprise-level projects
Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.
Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform
DevSecOps Project using git, GitHub, jenkins, Maven,Junit, SonarQube, Docker, Trivy, Hashicorp Vault, AWS, Kubernetes
Application Security pipelines
Efficient DevSecOps
A set of Gitlab pipelines and Github workflows to automate and ease on BugBounty and Penetration Testing engagements
All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all!
SBOM Grep - search through SBOMs
Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.
A demo of cloud-native Inner Loop and Outer Loop controlling a 2-tier app (Python + Go) with Red Hat OpenShift using Tekton Pipelines, Argo CD GitOps, Eclipse Che aka OpenShift DevSpaces and Quay.io registry
Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayBackend project contains source code of backend with all plugin integrations writer in Spring Boot.
La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …
GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file
Add a description, image, and links to the devsecops-pipeline topic page so that developers can more easily learn about it.
To associate your repository with the devsecops-pipeline topic, visit your repo's landing page and select "manage topics."