devsecops topic

Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.

Privado-Inc

The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline se...

mitre

SonarQube plugin for identifying hardcoded secrets, such as passwords, API keys, AWS credentials, etc..

Skyscanner

Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)

lucab85

Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into productio...

bridgecrewio

Подборка выступлений и публикаций на тему DevSecOps на русском и не только)

devops-ru

🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍

deepfence

Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets

Legit-Labs

A compilation of resources in the software supply chain security domain, with emphasis on open source

bureado

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guideline...

paulveillard