Deploy Anchore Enterprise in an environment of your choice. Then follow through a series of labs that showcase how you can improve security across your software supply chain.
-
Updated
Jun 11, 2024 - Shell
Deploy Anchore Enterprise in an environment of your choice. Then follow through a series of labs that showcase how you can improve security across your software supply chain.
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
BigBang the product
Trusty Dependency Analysis Action
Find and verify secrets
Open Source Cloud Native Application Protection Platform (CNAPP)
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
Agile Threat Modeling Toolkit
secureCodeBox (SCB) - continuous secure delivery out of the box
Cybersecurity Knowledge Base
🔧 JetBrains Qodana’s official command line tool
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Supercharging GitHub!
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
Tool to achieve policy driven vetting of open source dependencies
Registry for cloud and SaaS providers for StackQL, generated from extensions to the providers OpenAPI3 specification
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
WireGuard®-based zero-trust access platform with OIDC auth, identity sync, and NAT traversal.
Add a description, image, and links to the devsecops topic page so that developers can more easily learn about it.
To associate your repository with the devsecops topic, visit your repo's landing page and select "manage topics."