A hands-on lab demonstrating the architectural evolution of a Spring Boot application from a secure monolith to a fully observable, distributed system using modern DevSecOps practices.

Verify your app was signed correctly. The service also verifies that the app wasn’t tampered with in any way that may prevent it from running on any mobile device

SecuSphere Jenkins Plugin

TFM: Challenges in DevSecOps, DevSecOps best practices

Java SonarQube Integration

Майнд-карта для совместного структурирования проблем с безопасностью веб-приложений и подборки решений для них.

Sken.ai offers a DevOps-first Continuous Application Security Scanning. With Sken, your apps on Jenkins will be automatically scanned for security vulnerabilities. Sken is one tool to do all types of scans - SAST, DAST, SCA, Secrets and more, without the need for any AppSec expertise.

Eureka Server for service discovery

maven pipeline

Sample Secure Pipeline with GithHub Actions - Ideal for Open Source Projects

SBOMaster: A SBOM Enhanced DevSecOps Pipeline Framework

Netflix Zuul API Gateway which will register with Eureka Server

API con vulnerabilidades para aprendizaje

Secure delivery tracking system with Spring Boot, React, Docker, and CI/CD via GitHub Actions, featuring integrated DevSecOps tools and JWT authentication.

DevSecOps tool to show different interactive maturity models for topics like security, devops, devsecops, agile.

Reference Implementation about Open Liberty. Build and Deploy API to Azure Kubernetes Services based on DevSecOps Practices

Automated security checks (secrets, dependencies, code, containers)🛡️

Mantenimiento de Tipode Cambio (Backend-SpringBoot-JPA-Oracle)