CandyCrush game deployment on aws-eks using github-actions indevsecops-pipeline

This branch hosts Goof, a vulnerable Node.js demo app designed to showcase and test security flaws in open-source dependencies and code, while demonstrating Snyk's tools for detection and remediation.

This repository contains the complete resources, architecture, and setup instructions for building a production-grade DevSecOps CI/CD pipeline for a Node.js microservice using Jenkins, SonarQube, Docker, Kubernetes, and more.

Slides devsecops

Legacy CRM Spring MVC Project for TIC4302

This project features a robust CI/CD pipeline designed for a 3-tier application that supports CRUD (Create, Read, Update, Delete) operations. The pipeline automates the security, build, testing, and deployment processes, ensuring seamless delivery of features and enhancements.

The cep-backend project is a comprehensive solution for managing zip codes using cutting-edge technologies and modern development practices. Built primarily with Node.js and JavaScript, this project leverages various tools and platforms such as Docker, npm, MongoDB, Google Cloud Platform (GCP), SonarQube, Snyk, DevSecOps and Terraform.

A secure, automated DevSecOps pipeline for deploying a Starbucks Clone on AWS, featuring Jenkins CI/CD, SonarQube quality checks, and container security with Trivy and Docker Scout.

Repository contains Node.js code using Express library to make Backend app for DevOps flow demo.

Secure multi-cloud CI/CD with GitHub Actions — automated linting, testing, security scans, signing and deployments to AWS EKS & Azure AKS.

React JS Zomato clone Website

DevSecOps Starter Kit is a ready-to-use template to set up a secure development pipeline with FastAPI, React, Docker, and GitHub Actions. It includes security checks, vulnerability scans, and automated deployments, helping developers implement DevSecOps best practices from day one.

I'm slowly migrating my articles from Medium to my own blog. Until then, you can see my all my articles at https://manumagalhaes.medium.com/

DevSecOps CI/CD pipeline scanner — Jenkins, GitHub Actions, GitLab, Azure Pipelines

Meterials + Presentaions related to DevOps / DevSecOps

This project delivers a production-grade e-commerce application using a microservices architecture deployed on managed Kubernetes platforms (AWS EKS, Azure AKS, DigitalOcean). It follows DevSecOps best practices, integrating CI/CD pipelines, monitoring, centralized logging, and disaster recovery to ensure a secure, scalable infrastructure.

Comprehensive real-time security platform for Kubernetes-based cloud-native applications. Features runtime security monitoring, vulnerability scanning, compliance automation, and policy enforcement using OPA, Falco, Trivy, and Aqua Security.

This project is a Node.js and Express web application that supports CRUD operations for prof of concept for software development process. It is a containerized app using Docker and includes a CI/CD pipeline for building and pushing Docker images to AWS ECR. The application is deployed to an AWS EKS cluster using Kubernetes.

🔍 GitHub Advanced Security Audit Automation Template - Enterprise-grade compliance automation with OWASP, NIST, and ISO 27001 mapping. Perfect for Pluralsight GHAS course Module 4: Security Audit & Compliance Reporting.