devsecops-pipeline
There are 88 repositories under devsecops-pipeline topic.
deepfence/YaraHunter
🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
akto-api-security/akto
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
interlynk-io/sbomqs
SBOM quality score - Quality metrics for your sboms
casa-de-vops/terraform-code-standards
Comprehensive set of Terraform coding standards designed for enterprise-level projects
purpleteam-labs/purpleteam
CLI component of OWASP PurpleTeam
Mixeway/MixewayHub
Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.
aws-samples/aws-security-services-with-terraform
Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform
pawnu/PythonSecurityPipeline
DevSecOps pipeline for Python based project using Jenkins, Ansible, AWS, and open-source security tools and checks.
praveensirvi1212/DevSecOps-project
DevSecOps Project using git, GitHub, jenkins, Maven,Junit, SonarQube, Docker, Trivy, Hashicorp Vault, AWS, Kubernetes
Whitespots-OU/DevSecOps-Pipelines
Application Security pipelines
SecurityUniversalOrg/SecuSphere
Efficient DevSecOps
proditis/bugbounty-cicd
A set of Gitlab pipelines and Github workflows to automate and ease on BugBounty and Penetration Testing engagements
interlynk-io/sbomgr
SBOM Grep - search through SBOMs
SecureStackCo/actions-all-in-one
All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all!
tilakthimmappa/pyraider
Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.
blues-man/vote-app-gitops
A demo of cloud-native Inner Loop and Outer Loop controlling a 2-tier app (Python + Go) with Red Hat OpenShift using Tekton Pipelines, Argo CD GitOps, Eclipse Che aka OpenShift DevSpaces and Quay.io registry
Mixeway/MixewayBackend
Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayBackend project contains source code of backend with all plugin integrations writer in Spring Boot.
marcositu/workshop-devsecops
La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps básico.
Threagile/run-threagile-action
GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file
purpleteam-labs/purpleteam-tls-scanner
TLS scanning component of OWASP PurpleTeam
PeterMosmans/gitlab-demolab
Quickly get a GitLab network up and running. The network consists of a GitLab server, docker-in-docker compatible GitLab runners, and SonarQube
Threagile/github-integration-example
Example of how to integrate Threagile into GitHub workflows
devsecops-workshop/workshop-guide
The workshop guide sources. The rendered website can be found here : https://devsecops-workshop.github.io/
jmessiass/devsecops
Exemplo de workflow de segurança que realiza testes SAST, SCA, DAST, Secrets Scan e IaC Scan via GitHub Actions utilizando ferramentas open source.
purpleteam-labs/purpleteam-orchestrator
Orchestrator component of OWASP PurpleTeam
purpleteam-labs/purpleteam-iac-sut
Infrastructure as Code for SUTs
purpleteam-labs/purpleteam-server-scanner
Server scanning component of OWASP PurpleTeam
Whitespots-OU/gitlab-ci-secrets
Gitlab CI jobs stdout secrets finder
apcj-f5/nap-devsecops-demo
Demonstration of security in CI/CD pipelines using NGINX App Protect
MoOyeg/trivy-tekton-example
Repository shows a self-contained example of how to run trivy in your Tekton CI/CD Pipeline.
OWASP/www-project-secure-pipeline-verification-standard--spvs-
OWASP Secure Pipeline Verification Standard
Peter-Lankton/go-devsecops-pipeline
An example of a devsecops pipeline for the GO programming language using GitHub Actions
purpleteam-labs/purpleteam-s2-containers
Stage Two containers of OWASP PurpleTeam
web-codegrammer/DevSecOps-Test-Pipeline
DevSecOps pipeline for Python based web app using Jenkins, Ansible, AWS, and open-source security tools and checks.