blackduck findbugs gradle githubactions

Jenkins Pipeline, Java based application using Kubernetes, Maven, SonarQube, Docker, Trivy.

This project Uses Nuclei to Detect Vulnerabilities in Early Developement In Kubernetes Infrastructure

sends an alert to telegram, when the CPU and Storage Server reach the threeshold set in

Repositório para documentação e projetos do estágio de DevSecOps.

a container for my remote development and security testings.

Steve's DevSecOps Tools

cheatsheet Dev SecOps

it's header checker for the website that you can use internal/public domains its give you a score!

A basic Ansible playbook to update and secure an ec2 linux based instance

repo for practical activity of the compass devsecops internship - sprint 006 - aws EC2 with docker.

🐙 Centralized repository for storing GitHub actions and other pipeline flows

Secure CentOS/Rocky Linux server deployment featuring full disk encryption (LUKS), CIS-compliant hardening, intrusion prevention (Fail2Ban), system auditing (AuditD), automatic patching, and professional documentation.

DevSecOps lab with GitOps, Kyverno, FluxCD, and secure Kubernetes workloads.

A comprehensive DevOps directory setup script that automatically creates an industry-standard project structure with Terraform, Ansible, Kubernetes, and more. Features include intelligent error handling, logging, health checks, and automated backup systems.

Secure and Automated, least privilege first approach to infra and cloud resource provisioning and configuration

Reference Implementation about Policy as Code applied to Azure based on DevSecOps Practices

Multi-cloud Policy-as-Code lab: Kubernetes OPA Gatekeeper, Azure Policy (Bicep), AWS SCPs, CI/CD with GitHub Actions, Security & Compliance Automation.

My own kubernetes penetration testing favorite methodologies, script, tools and resources.