4829 Open source projects that are alternatives of or similar to Awesome Devsecops

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

🤖 An open source chat-ops bot framework

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Awesome PHP Security Resources 🕶🐘🔐

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

DevOps Guide - Development to Production all configurations with basic notes to debug efficiently.

Open source and extensible Platform as a Service (PaaS).

This repository contains information about DevSecOps and how to get involved in this community effort.

Go client library for the SecretHub Secrets Management API

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Security scanner for your Terraform code

Errbot is a chatbot, a daemon that connects to your favorite chat service and bring your tools and some fun into the conversation.

Spinnaker Pipeline/Infrastructure Configuration and Templating Tool - Pipelines as Code.

A reading/viewing list for larval stage sysadmins and SREs

Jenkins automation server

Terraform Pull Request Automation

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

secureCodeBox (SCB) - continuous secure delivery out of the box

Sentry is cross-platform application monitoring, with a focus on error reporting.

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

The DevSecOps toolset for REST APIs

Build better AWS infrastructure

⏰A Prometheus exporter for Hapi, express and Marble.js servers to automatically measure request timings 📊

✈️ Effortless, self-hosted continuous deployment for small teams and projects

The Mobile.BuildTools makes it easier to develop code bases in a clean, consistent, secure, and configurable way. Determine at Build which environment your app needs to run on, and what Client Secrets it should have. Plus many more amazing features!

🔖 +4.3K awesome resources for geeks and software crafters 🍺

This repo is a one stop destination to find resources for learning various domains. You can find the roadmap for any domain here.

Main Liquibase Source

🔐 Docker Container for Penetration Testing & Security

Vimana is an experimental security framework that aims to provide resources for auditing Python web applications.

CLI to interact with Kondukto

A rapid development environment using docker for convenience.

GitGuardian Shield GitHub Action - Find exposed credentials in your commits

Enterprise-Grade Continuous Delivery & DevOps Automation Open Source Platform

Unleash is the open source feature toggle service.

Osquery launcher, autoupdater, and packager

Knowledge seeks no man

⭐️ A curated list of companies that offer their services for free to Open Source projects

Identify vulnerabilities in running containers, images, hosts and repositories

kube-scan: Octarine k8s cluster risk assessment tool

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

Leading Open Source Container Attached Storage, built using Cloud Native Architecture, simplifies running Stateful Applications on Kubernetes.

A process for automating Docker container base image updates.

Chef Infra, a powerful automation platform that transforms infrastructure into code automating how infrastructure is configured, deployed and managed across any environment, at any scale

A flexible commandline tool for template rendering. Supports lots of local and remote datasources.

⚡️ A dev tool for microservice developers to run local applications and/or forward others from/to Kubernetes SSH or TCP

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Golang implementation of Graphite/Carbon server with classic architecture: Agent -> Cache -> Persister

Centralize Vulnerability Assessment and Management for DevSecOps Team

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

Supporting your devops by shortening your strings using common abbreviations and clever guesswork

Free Introduction to Bash Scripting eBook

Git with a cup of tea, painless self-hosted git service

Command line tool to validate configuration files

🔱 Collection and Roadmap for everyone who wants DevSecOps.

A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration

linux运维监控工具，支持系统信息，内存，cpu，温度，磁盘空间及IO，硬盘smart，系统负载，网络流量等监控，API接口，大屏展示，拓扑图，进程监控，端口监控，docker监控，文件防篡改，日志监控，数据可视化，web ssh，堡垒机，指令下发批量执行，linux面板，探针，故障告警

Set up CUDA for machine learning (and gaming) on macOS using a NVIDIA eGPU