TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform
Example architectures utilizing DevSecOps principles to deploy F5 Application Delivery and Security Platform solutions.
AWS DevSecOps Pipeline with Terraform
Complete CNAPP Demo using Prisma Cloud
Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security, Identity & Compliance Services to Support your AWS Account Security Posture.
How to setup a secure Kubernetes cluster on Azure
Comprehensive set of Terraform coding standards designed for enterprise-level projects
ForgeMT is a secure, scalable GitHub Actions runner platform for ephemeral workloads. Designed for multi-tenant environments, it automates isolated runner provisioning on Kubernetes or EC2, with built-in OIDC, IAM, cost optimization, and deep observability.
Infrastructure as Code for SUTs
90DaysOfDevOps Practice and Example files
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Add a description, image, and links to the devsecops topic page so that developers can more easily learn about it.
To associate your repository with the devsecops topic, visit your repo's landing page and select "manage topics."