devsecops-pipeline

Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure

🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍

sbomqs: The Comprehensive SBOM Quality & Compliance Tool

🔍 Seccomp profiling and function-level tracing tool.

Comprehensive set of Terraform coding standards designed for enterprise-level projects

CLI component of OWASP PurpleTeam

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.

DevSecOps Project using git, GitHub, jenkins, Maven,Junit, SonarQube, Docker, Trivy, Hashicorp Vault, AWS, Kubernetes

Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform

DevSecOps pipeline for Python based project using Jenkins, Ansible, AWS, and open-source security tools and checks.

Application Security pipelines

Efficient DevSecOps

Building FlashFathom AI SAAS project that generate Flascards - Deployment Using DevSecOps Best Practices

SBOM Search - Context aware search in SBOM repositories

A set of Gitlab pipelines and Github workflows to automate and ease on BugBounty and Penetration Testing engagements

SBOM Move - Automate build and transfer of SBOMs across systems

A curated hub of DevSecOps tools to secure workflows, optimized for CI/CD and more

All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all!

Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.