Deploy Anchore Enterprise in an environment of your choice. Then follow through a series of labs that showcase how you can improve security across your software supply chain.
-
Updated
Jun 11, 2024 - Shell
#
devsecops
Here are 883 public repositories matching this topic...
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
python
aws
security
security-audit
cloud
azure
iam
gcp
forensics
compliance
hardening
security-hardening
gdpr
multi-cloud
security-tools
devsecops
cis-benchmark
well-architected
-
Updated
Jun 11, 2024 - Python
BigBang the product
-
Updated
Jun 11, 2024 - Smarty
Trusty Dependency Analysis Action
-
Updated
Jun 11, 2024 - Go
Find and verify secrets
security
credentials
secret
secret-management
verification
secrets
dynamic-analysis
scanning
hacktoberfest
precommit
security-tools
devsecops
trufflehog
-
Updated
Jun 11, 2024 - Go
Open Source Cloud Native Application Protection Platform (CNAPP)
kubernetes
devops
containers
secops
cloud-native
compliance
vulnerability-detection
vulnerability-management
hacktoberfest
observability
vulnerability-scanners
threat-analysis
security-tools
cloudsecurity
devsecops
scanning-tool
registry-scanning
cspm
cwpp
cnapp
-
Updated
Jun 11, 2024 - TypeScript
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
security
open-source-licensing
compliance
license
spdx
attestation
devsecops
ospo
oss-compliance
sbom
in-toto
cyclonedx
slsa
supply-chain-security
sbom-distribution
slsa-provenance
metadata-platform
sbom-discovery
regulated-industry
-
Updated
Jun 11, 2024 - Go
Agile Threat Modeling Toolkit
security
agile
risk-analysis
architecture
infosec
cicd
threat-modeling
risk-management
devsecops
threagile
-
Updated
Jun 11, 2024 - Go
secureCodeBox (SCB) - continuous secure delivery out of the box
kubernetes
security
owasp
kubernetes-operator
hacktoberfest
owasp-zap
security-automation
security-tools
devsecops
security-testing
securecodebox
-
Updated
Jun 11, 2024 - JavaScript
Cybersecurity Knowledge Base
security
cheatsheet
cybersecurity
francais
vulnerability
infosec
devsec
pentest
cyber-security
infosec-reference
security-cheat-sheets
devsecops
francophone
cybersecurity-education
hacking-cheasheet
hacking-cheatsheet
devsecops-best-practices
cyber-resources
radiofrequency
cybersecurity-tools
-
Updated
Jun 11, 2024 - PowerShell
🔧 JetBrains Qodana’s official command line tool
javascript
kotlin
python
java
cli
php
typescript
static-code-analysis
ci
code-review
code-quality
sarif
devsecops
code-scanning
qodana
sarif-report
-
Updated
Jun 11, 2024 - Go
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
go
docker
kubernetes
golang
security
containers
iac
vulnerability
infrastructure-as-code
vulnerability-detection
hacktoberfest
vulnerability-scanners
security-tools
devsecops
misconfiguration
-
Updated
Jun 11, 2024 - Go
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
golang
security
iac
infrastructure-as-code
cloudnative
appsec
vulnerability-detection
hacktoberfest
vulnerability-scanners
security-tools
devsecops
open-policy-agent
-
Updated
Jun 11, 2024 - Open Policy Agent
Supercharging GitHub!
github
github-api
github-pages
devops
developer-tools
developer-experience
devsecops
github-actions
github-config
devsecops-best-practices
-
Updated
Jun 11, 2024 - HTML
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
security
static-analysis
vulnerabilities
spdx
software-supply-chain
sca
swid
devsecops
software-composition-analysis
software-bill-of-materials
license-compliance
sbom
cyclonedx
software-supply-chain-security
-
Updated
Jun 11, 2024 - Go
Tool to achieve policy driven vetting of open source dependencies
-
Updated
Jun 11, 2024 - Go
Registry for cloud and SaaS providers for StackQL, generated from extensions to the providers OpenAPI3 specification
github
devops
cloud
sql
gcp
netlify
okta
devsecops
openapi3
cloud-security
asset-management
cloud-automation
stackql
-
Updated
Jun 11, 2024 - Go
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
security
security-audit
privacy
static-code-analysis
static-analysis
owasp
dataflow
vulnerability
code-quality
compliance
vulnerabilities
appsec
security-scanner
gdpr
security-automation
security-tools
devsecops
sast
devsecops-tools
-
Updated
Jun 11, 2024 - Go
WireGuard®-based zero-trust access platform with OIDC auth, identity sync, and NAT traversal.
security
cloud
privacy
elixir
phoenix
networking
network
firewall
self-hosted
vpn
rust-lang
vpn-server
elixir-lang
network-security
wireguard
virtual-network
devsecops
liveview
wireguard-vpn
wireguard-ui
-
Updated
Jun 11, 2024 - Elixir
Improve this page
Add a description, image, and links to the devsecops topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the devsecops topic, visit your repo's landing page and select "manage topics."