🔧 JetBrains Qodana’s official command line tool
The security workflow engine!
DevGuard Backend - Secure your Software Supply Chain - Attestation-based compliance as Code, manage your CVEs seamlessly, Integrate your Vulnerability Scanners, Security Framework Documentation made easy - OWASP Incubating Project
Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
World's most advanced database DevSecOps solution for Developer, Security, DBA and Platform Engineering teams. The GitHub/GitLab for database DevSecOps.
Trend Vision One File Security Go SDK
SPIKE is a lightweight secrets store that uses SPIFFE as its identity control plane. It protects your secrets and helps your ops, SREs, and sysadmins manage sensitive data securely with minimal overhead.
Protect against malicious open source packages 🤖
Mobile Reconnaissance Framework is a powerful, lightweight and platform-independent offensive mobile security tool designed to help hackers and developers identify and address sensitive information within mobile applications.
Find, verify, and analyze leaked credentials
Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.
Evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more
Registry for cloud and SaaS providers for StackQL, generated from extensions to the providers OpenAPI3 specification
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
🧵 CLI tool for directly patching container images!
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Add a description, image, and links to the devsecops topic page so that developers can more easily learn about it.
To associate your repository with the devsecops topic, visit your repo's landing page and select "manage topics."