ForgeMT is a secure, scalable GitHub Actions runner platform for ephemeral workloads. Designed for multi-tenant environments, it automates isolated runner provisioning on Kubernetes or EC2, with built-in OIDC, IAM, cost optimization, and deep observability.

A serverless, AI-driven threat intelligence pipeline on Google Cloud. Uses Gemini Pro to simulate, analyze, and visualize cyber threats in real-time.

This repository contains my research & stuffs that I have done in my past experiences

Reusable GitHub Actions workflows for automated security hardening, featuring modular scanners (SAST, container, IaC, malware) with consolidated reports and PR comments.

Enterprise-grade Azure Infrastructure (AKS, WAF, Private Link) provisioning with Terraform and secured via GitHub Actions (DevSecOps).

A hands-on Terraform troubleshooting lab using a broken ECS + ALB configuration. Learn to debug, fix, and improve real-world AWS infrastructure code.

Repository untuk tugas DevSecOps Week8 — Infrastructure as Code (IaC) Security

A comprehensive collection of reusable Terraform modules for Azure resources, designed to simplify infrastructure provisioning and promote best practices.

This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.

End-to-end Data Engineering project for crypto sentiment analysis — modular Terraform infrastructure, AWS Free Tier, Airflow orchestration, and CI/CD with GitHub Actions (OIDC).

The project showcases the successful implementation of two core DevOps principles: Shift Left Security (using Checkov) to prevent insecure code (e.g., open SSH ports) from being merged, and FinOps (using Infracost) to provide an instant monthly cost estimate directly in the Pull Request.

A small demo project to showcase a simple CI/CD pipeline, along with some security tools, GitHub Actions and Docker.

A production-grade AWS DevSecOps Hybrid CI/CD Factory that enforces security and compliance at every stage of the software delivery lifecycle. Built with a hybrid IaC approach using Terraform for core platform infrastructure and CloudFormation for CI/CD orchestration.

Production-ready automated container image vulnerability scanning system using AWS ECR, Inspector v2, Lambda, and EventBridge

Automated AWS DevSecOps infrastructure using Terraform: Secure VPC, EC2 with Apache, S3 bucket, IAM roles, CloudWatch monitoring & SNS alerts. Modular IaC showcasing security best practices. #Terraform #AWS #DevSecOps

Enterprise-grade AWS multi-account management with automated security, compliance, and cost controls. Features AWS Organizations, 11 SCPs, auto-remediation, and real-time compliance dashboards. Manages 50+ accounts with 95% reduction in security incidents.

Enterprise-grade secure multi-tenant SaaS infrastructure with Terraform, EKS, and DevSecOps pipeline. Features tenant isolation, zero-trust security, HIPAA/PCI-DSS/SOC 2 compliance, and automated cost allocation.

🚀 End-to-End DevSecOps pipeline integrating Terraform, Azure, and GitHub Actions with OpenID Connect (OIDC) authentication — eliminating the need for stored secrets. This project automates the provisioning of Azure infrastructure including Resource Groups, Virtual Networks, Azure Container Registry (ACR), and Azure Kubernetes Service (AKS), follow

End-to-End DevSecOps pipeline using Terraform and GitHub Actions for automated, secure Azure infrastructure deployments — featuring IaC validation, environment segregation, and GitHub Secrets-based authentication.

End-to-end MLOps pipeline that automates training, testing, containerization, and deployment of ML models on AWS ECS Fargate, exposed via API Gateway, with automated infrastructure provisioning, security scanning, approval gates, Slack notifications, and a frontend hosted on S3 and delivered via CloudFront for seamless user interaction.