devsecops-pipeline
There are 109 repositories under devsecops-pipeline topic.
akto-api-security/akto
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
deepfence/YaraHunter
🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
interlynk-io/sbomqs
sbomqs: The Comprehensive SBOM Quality & Compliance Tool
alegrey91/harpoon
🔍 Seccomp profiling and function-level tracing tool.
casa-de-vops/terraform-code-standards
Comprehensive set of Terraform coding standards designed for enterprise-level projects
purpleteam-labs/purpleteam
CLI component of OWASP PurpleTeam
Mixeway/MixewayHub
Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.
praveensirvi1212/DevSecOps-project
DevSecOps Project using git, GitHub, jenkins, Maven,Junit, SonarQube, Docker, Trivy, Hashicorp Vault, AWS, Kubernetes
aws-samples/aws-security-services-with-terraform
Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform
pawnu/PythonSecurityPipeline
DevSecOps pipeline for Python based project using Jenkins, Ansible, AWS, and open-source security tools and checks.
Whitespots-OU/DevSecOps-Pipelines
Application Security pipelines
SecurityUniversalOrg/SecuSphere
Efficient DevSecOps
Suraj-kumar00/Flash-Fathom-AI
Building FlashFathom AI SAAS project that generate Flascards - Deployment Using DevSecOps Best Practices
interlynk-io/sbomgr
SBOM Search - Context aware search in SBOM repositories
proditis/bugbounty-cicd
A set of Gitlab pipelines and Github workflows to automate and ease on BugBounty and Penetration Testing engagements
SecureStackCo/actions-all-in-one
All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all!
sk3pp3r/DevSecOps-Arsenal
A curated hub of DevSecOps tools to secure workflows, optimized for CI/CD and more
tilakthimmappa/pyraider
Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.
blues-man/vote-app-gitops
A demo of cloud-native Inner Loop and Outer Loop controlling a 2-tier app (Python + Go) with Red Hat OpenShift using Tekton Pipelines, Argo CD GitOps, Eclipse Che aka OpenShift DevSpaces and Quay.io registry
Mixeway/MixewayBackend
Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayBackend project contains source code of backend with all plugin integrations writer in Spring Boot.
light-hat/python-devsecops
🐍📊 Jenkins-based DevSecOps pipeline for Python3 web applications (SAST, DAST, SCA).
marcositu/workshop-devsecops
La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps básico.
Threagile/run-threagile-action
GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file
PeterMosmans/gitlab-demolab
Quickly get a GitLab network up and running. The network consists of a GitLab server, docker-in-docker compatible GitLab runners, and SonarQube
purpleteam-labs/purpleteam-tls-scanner
TLS scanning component of OWASP PurpleTeam
imran1509/DevSecOps-Project-Netflix-Deployment
Deploy a Netflix clone application using a secure CI/CD pipeline built with Jenkins, Docker 🐳 , and Kubernetes ☸️. This project includes implementing code quality and security tools (SonarQube, Trivy), as well as monitoring solutions (Prometheus, Grafana) to ensure reliability and visibility
NotHarshhaa/Zomato-Clone
This repository is a full-stack food delivery application inspired by Zomato. It includes a React.js frontend and integrates DevSecOps practices to ensure a secure and automated deployment pipeline.
Threagile/github-integration-example
Example of how to integrate Threagile into GitHub workflows
devsecops-workshop/workshop-guide
The workshop guide sources. The rendered website can be found here : https://devsecops-workshop.github.io/
jmessiass/devsecops
Exemplo de workflow de segurança que realiza testes SAST, SCA, DAST, Secrets Scan e IaC Scan via GitHub Actions utilizando ferramentas open source.
purpleteam-labs/purpleteam-iac-sut
Infrastructure as Code for SUTs
purpleteam-labs/purpleteam-orchestrator
Orchestrator component of OWASP PurpleTeam
purpleteam-labs/purpleteam-server-scanner
Server scanning component of OWASP PurpleTeam
OWASP/www-project-secure-pipeline-verification-standard--spvs-
OWASP Secure Pipeline Verification Standard