Stars
Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide guidance for quality processes, and provide a benchmark for appra…
This repository provides an ISO 27001:2022 Toolkit, including templates, checklists, and policies to help organizations implement the ISO 27001 Information Security Management System (ISMS).
DevSecOps Assessment Framework
Unified GUI Censorship Resistant Solution Powered by Xray
API Security Vulnerability Scanner designed to help you secure your APIs.
Public OCI-Image (docker image) Security Checker
An authoritative list of awesome devsecops tools with help from community experiments and contributions.
Interactive roadmaps, guides and other educational content to help developers grow in their careers.
A list of open source web security scanners
Static analysis rules for PT Application Inspector
A big list of homoglyphs and some code to detect them
Automation scripts for PT Application Inspector
This is a step-by-step guide to implementing a DevSecOps program for any size organization
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala projects)
in-toto is a framework to protect supply chain integrity.
🦄 A curated list of privacy & security-focused software and services
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Code signing and transparency for containers and binaries
The OWASP DevSecOps Guideline can help us embed security as a part of the development pipeline.
♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps is safer 😎
boostsecurityio/supply-chain-research
Source code about machine learning and security.
The OWASP Top 5 Machine Learning Risks: The idea is to build the required resources which help the software security community to understand the emerging technology of machine learn…