Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
Updated
Jul 9, 2024 - Go
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities
🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓
Enterprise-ready zero-trust access platform built on WireGuard®.
Open Source Cloud Native Application Protection Platform (CNAPP)
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines
Trend Vision One File Security Go SDK
OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
Trend Vision One File Security Python SDK
RapiDAST enables simple, continuous and fully automated application security testing
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
DevSecOps, ASPM, Vulnerability Management. All on one platform.
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
Find and verify secrets
Vulnerable app with examples showing how to not use secrets
Add a description, image, and links to the devsecops topic page so that developers can more easily learn about it.
To associate your repository with the devsecops topic, visit your repo's landing page and select "manage topics."