/devguard-web

DevGuard Web Frontend - Manage your CVEs seamlessly, Integrate your Vulnerability Scanners, Documentation made easy, Compliance to security Frameworks - OWASP Incubating Project

Primary LanguageTypeScriptGNU Affero General Public License v3.0AGPL-3.0


DevGuard by L3montree Logo

DevGuard - Develop Secure Software - Frontend

Manage your CVEs seamlessly, Integrate your Vulnerability Scanners, Documentation made easy, Compliance to security Frameworks

Report Bug · Request Feature

Table of Contents
  1. About The Project
  2. Getting Started
  3. Usage
  4. Roadmap
  5. Contributing
  6. Code of Conduct
  7. License

About The Project

DevGuard is a vulnerability management that fits perfectly into any IT environment and ensures mitigation of vulnerabilities and complete documentation of the handling processes. It aims to be compliant to various security frameworks, like ISO 27001 or German BSI Grundschutz. With DevGuard you can easily go through the vulnerability management process:

  1. Consolidation of vulnerabilities
  2. Enhancing the data
  3. Risk Assessment
  4. Selection of the mitigation type
  5. Sharing of the vulnerability information to responsible parties
  6. Reporting

(back to top)

Built With

DevGuard is divided into two projects: A frontend (DevGuard Web) and a backend (DevGuard Backend).

Frontend (this project):

  • Next
  • React

Backend:

  • Go

(back to top)

Getting Started

To get a local copy up and running follow these simple example steps.

  1. Clone the repo 
    git clone https://github.com/l3montree-dev/devguard-web.git
  2. Install NPM packages 
    npm install
  3. Start the development server 
    npm run dev

(back to top)

Roadmap MVP

  • Consolidation of vulnerabilities
  • Enhancing the data
  • Risk Assessment
  • Selection of the mitigation type
  • Sharing of the vulnerability information to responsible parties
  • Reporting
  • Multi-language Support
    • German
    • English

See the open issues for a full list of proposed features (and known issues).

(back to top)

Contributing

Please read our contribution guide if you would like to report a bug, ask a question, or help us with coding.

(back to top)

Code of Conduct

Help us keep DevGuard open and inclusive. Please read and follow our Code of Conduct.

(back to top)

License

Distributed under the AGPL-3.0-or-later License. See LICENSE.txt for more information.

(back to top)

Build using kaniko

docker run --rm -v $(pwd):/workspace gcr.io/kaniko-project/executor:latest --dockerfile=/workspace/Dockerfile --context=/workspace --tarPath=/workspace/image.tar --no-push

go run ./cmd/devguard-scanner/main.go sca --assetName="rrree/projects/pro/assets/a" --apiUrl="http://127.0.0.1:8080" --path="../flawfix-web" --token="d4ff2f36b983b69dd36e441f58fcc0bc4f372ace1d12ecc040f1d860ea254f82"

go run ./cmd/devguard-scanner/main.go container-scanning --assetName="rrree/projects/pro/assets/a" --apiUrl="http://127.0.0.1:8080" --path="../flawfix-web/image.tar" --token="d4ff2f36b983b69dd36e441f58fcc0bc4f372ace1d12ecc040f1d860ea254f82"