Lists (1)
Stars
🔎 Static code analysis engine to find security issues in code.
OpenSSF Working Group on Securing Software Repositories
This is a step-by-step guide to implementing a DevSecOps program for any size organization
A project to visualize the software supply chain
A Continuous Threat Modeling methodology
OWASP Foundation Web Respository
Plugin for retrieving Dependencytrack metrics in Backstage
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
An enterprise friendly way of detecting and preventing secrets in code.
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Audit Dependency-Track findings and policy violations via policy as code
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submissio…
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues
Prevents you from committing secrets and credentials into git repositories
Software Component Verification Standard (SCVS)
A suite of tools to automate software compliance checks.
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
Curated collection of useful little Java functions that you can understand quickly
Open-Source Unified Vulnerability Management, DevSecOps & ASPM
Passwordless authentication example application using Spring Boot and Spring Security