devsecops topic
privado
Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.
saf
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline se...
sonar-secrets
SonarQube plugin for identifying hardcoded secrets, such as passwords, API keys, AWS credentials, etc.
log4j-cve-2021-44228
Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)
cfngoat
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into productio...
awesome-devsecops_ru
A collection of talks and publications on DevSecOps, in Russian and beyond :)
YaraHunter
🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
legitify
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
awesome-software-supply-chain-security
A compilation of resources in the software supply chain security domain, with emphasis on open source
cybersecurity-devsecops
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guideline...