Pinned Repositories
catalog
Catalog of shared Tasks and Pipelines.
chains
Supply Chain Security in Tekton Pipelines
checkov
Prevent cloud misconfigurations during build time for Terraform, CloudFormation, Kubernetes, Serverless framework and other infrastructure-as-code languages with Checkov by Bridgecrew.
checkov-action
A GitHub Action to run Checkov against an Infrastructure-as-Code repository. Checkov does static security analysis of Terraform, CloudFormation, Kubernetes, serverless framework and ARM templates.
controller
cryptobom-forge
Tools and utilities needed to parse GitHub Multi-Repository Variant Analysis output
DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
django-DefectDojo
DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
docker-alpine-glibc
Carefully crafted Alpine Docker image with glibc (~12MB)
docker-selenium
Provides a simple way to run Selenium Grid with Chrome, Firefox, and Edge using Docker, making it easier to perform browser automation
mtcolman's Repositories
mtcolman/catalog
Catalog of shared Tasks and Pipelines.
mtcolman/chains
Supply Chain Security in Tekton Pipelines
mtcolman/checkov
Prevent cloud misconfigurations during build time for Terraform, CloudFormation, Kubernetes, Serverless framework and other infrastructure-as-code languages with Checkov by Bridgecrew.
mtcolman/checkov-action
A GitHub Action to run Checkov against an Infrastructure-as-Code repository. Checkov does static security analysis of Terraform, CloudFormation, Kubernetes, serverless framework and ARM templates.
mtcolman/controller
mtcolman/cryptobom-forge
Tools and utilities needed to parse GitHub Multi-Repository Variant Analysis output
mtcolman/DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
mtcolman/django-DefectDojo
DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
mtcolman/docker-alpine-glibc
Carefully crafted Alpine Docker image with glibc (~12MB)
mtcolman/docker-selenium
Provides a simple way to run Selenium Grid with Chrome, Firefox, and Edge using Docker, making it easier to perform browser automation
mtcolman/helm-chart-sonarqube
mtcolman/helm-charts
OpenSourced Helm charts
mtcolman/kubei
KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security.
mtcolman/litmus
Litmus helps SREs and developers practice chaos engineering in a cloud-native way. Chaos experiments are published at the ChaosHub (https://hub.litmuschaos.io). Community notes are at https://hackmd.io/a4Zu_sH4TZGeih-xCimi3Q
mtcolman/log4j-shell-poc
A Proof-Of-Concept for the CVE-2021-44228 vulnerability.
mtcolman/pipeline
A cloud-native Pipeline resource.
mtcolman/sample-cloud-native-toolchain-tutorial-20180507200649440
Created for toolchain: https://console.bluemix.net/devops/toolchains/22a57f6a-109e-4719-885e-8c209872c657?env_id=ibm%3Ayp%3Aeu-gb
mtcolman/slim
Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
mtcolman/snyk-tekton
A set of Tekton Tasks for using Snyk to check for vulnerabilities in your pipelines
mtcolman/terragoat
mtcolman/test
mtcolman/trivy-ci-test