A hands-on lab demonstrating the architectural evolution of a Spring Boot application from a secure monolith to a fully observable, distributed system using modern DevSecOps practices.

SecuSphere Jenkins Plugin

Майнд-карта для совместного структурирования проблем с безопасностью веб-приложений и подборки решений для них.

TFM: Challenges in DevSecOps, DevSecOps best practices

Java SonarQube Integration

Verify your app was signed correctly. The service also verifies that the app wasn’t tampered with in any way that may prevent it from running on any mobile device

Secure delivery tracking system with Spring Boot, React, Docker, and CI/CD via GitHub Actions, featuring integrated DevSecOps tools and JWT authentication.

Sken.ai offers a DevOps-first Continuous Application Security Scanning. With Sken, your apps on Jenkins will be automatically scanned for security vulnerabilities. Sken is one tool to do all types of scans - SAST, DAST, SCA, Secrets and more, without the need for any AppSec expertise.

Eureka Server for service discovery

maven pipeline

Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.

Sample Secure Pipeline with GithHub Actions - Ideal for Open Source Projects

SBOMaster: A SBOM Enhanced DevSecOps Pipeline Framework

Mantenimiento de Tipode Cambio (Backend-SpringBoot-JPA-Oracle)

Full CI/CD pipelines for employee management application, a Java-based dynamic web application with a database

Netflix Zuul API Gateway which will register with Eureka Server

API con vulnerabilidades para aprendizaje

Reference Implementation about Open Liberty. Build and Deploy API to Azure Kubernetes Services based on DevSecOps Practices

Automated security checks (secrets, dependencies, code, containers)🛡️