A Continuous Threat Modeling methodology

A Pythonic framework for threat modeling

Web3 Enabler Web3 Enabler XRP for Salesforce enables users to accept XRP on the XRP Ledger in Salesforce.

Validate and auto-generate TypeScript types from raw SQL queries in PostgreSQL.

Contains symbols/icons used in Wardley Maps

An open source threat modeling tool from OWASP

The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.

Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)

SQL powered operating system instrumentation, monitoring, and analytics.

A CLI project wrapping application security testing (AST) APIs

Awesome Node.js Security resources

Threat matrix for CI/CD Pipeline

Minimum Viable Secure Product mvsp.dev

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

😱 Falsehoods Programmers Believe in

OWASP Foundation Web Respository

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

Talks at conferences, meetups, hackathons, and more, plus my speaker rider for good measure.

🐙 Cross-document messaging security research tool powered by https://enso.security

Install & Update codeql easily

A Rust crate for reading LDtk project files

A documentation and tracking project with the goal of making package management systems more secure.

Jenkins automation server

Crypto Audit Guidelines

Agile Threat Modeling Toolkit

WOSI - Women of Open Source Israel 🇮🇱

Shostack's 4 Question Frame for Threat Modeling

OWASP Foundation Web Respository

Threat Modeling Manifesto