
hysnsec / awesome-policy-as-code

License: CC0-1.0
A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.


Awesome Policy-as-Code

A list of awesome resources about Policy-as-Code, including blogs, videos, and tools.

Contents

  • Blogs
      • Getting Started
      • Infrastructure-as-Code
      • CI/CD
      • Kubernetes
      • AWS
      • Azure

  • Videos
      • Getting Started
      • Infrastructure-as-Code
      • CI/CD
      • Kubernetes
      • Others

  • Tools

Tools

  • OPA - An open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack

  • Styra DAS - Commercial tooling for managing OPA at scale, created by the founders and maintainers of Open Policy Agent (OPA)

  • OPAL - Policy and data administration, distribution, and real-time updates on top of Open Policy Agent

  • HashiCorp Sentinel - A language and framework for policy built to be embedded in existing software to enable fine-grained, logic-based policy decisions

  • Regula - A tool that evaluates CloudFormation and Terraform infrastructure-as-code for potential AWS, Azure, and Google Cloud security and compliance violations prior to deployment

  • Intercept - Policy as Code static analysis auditing

  • Checkov - A static code analysis tool for infrastructure-as-code

  • Terrascan - Detects security vulnerabilities and compliance violations across your Infrastructure as Code

  • kics - Find security vulnerabilities, compliance issues, and infrastructure misconfigurations earlier

  • Gatekeeper - Policy Controller for Kubernetes

  • Gatekeeper Policy Manager (GPM) - A simple-to-use web-based manager for Gatekeeper policies

  • Konstraint - A policy management tool for interacting with Gatekeeper

  • Kyverno - A policy engine designed for Kubernetes. It can validate, mutate, and generate configurations using admission controls and background scans

  • kube-mgmt - Sidecar for managing OPA on top of Kubernetes

  • MagTape - A Policy-as-Code tool for Kubernetes that allows for evaluating Kubernetes resources against a set of defined policies to inform and enforce best practice configurations

  • Fregot - A set of tools for working with the Rego policy language, which is part of the Open Policy Agent (OPA) policy engine

  • Deprek8ion - A set of Rego policies to monitor Kubernetes API deprecations

Sponsor

Practical DevSecOps

Contributing

Please refer to the guidelines in contributing.md for details.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].