TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
-
Updated
Jul 6, 2024 - HCL
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform
Example hybrid security architectures utilizing DevSecOps principles to deploy F5 Distributed Cloud WAAP in conjunction with the F5 product portfolio.
Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security, Identity & Compliance Services to Support your AWS Account Security Posture.
How to setup a secure Kubernetes cluster on Azure
Complete CNAPP Demo using Prisma Cloud
Infrastructure as Code for SUTs
Example of zero-trust architecture with Caddy Server
Reference Implementation about IaC to deploy Azure Services, based on DevSecOps Practices
ArcGIS Automation using GitHub Actions
Microsoft Security DevOps (MSDO) Lab for testing Defender for DevOps integration on Azure.
Developed a Dinosaur Game in JavaScript, and deployed it on Docker Container and Kubernetes Cluster using Jenkins CI/CD pipeline while following the DevSecOps Prctices.
Maintain a AWS Security Group Rule to allow access from dynamic external ip address.
Add a description, image, and links to the devsecops topic page so that developers can more easily learn about it.
To associate your repository with the devsecops topic, visit your repo's landing page and select "manage topics."