Skip to content
/ SAST Public

Enterprise-grade web application security checklist based on OWASP Top 10 (2021), designed for secure development, code review, audit, and vulnerability management in corporate environments.

License

View license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

PCMKUIT/SAST

BranchesTags

Repository files navigation

Top10OWASP - SAST

Enterprise-grade web application security checklist based on OWASP Top 10 (2021), designed for secure development, code review, audit, and vulnerability management in corporate environments.

Usage

  1. Review SECURITY_CHECKLIST.md for guidance on OWASP Top 10 security controls.
  2. Use tools/ configs to scan your codebase - SAST (Static Application Security Testing) :
    • semgrep.yml for JavaScript
    • bandit_config.yaml for Python
  3. Refer to examples/ for demo output from scans.
  4. Integrate CI workflow in .github/workflows/security.yml for automated security checks on PRs.
  5. Use PR template .github/PULL_REQUEST_TEMPLATE.md to ensure security steps are verified before merging.

About

Enterprise-grade web application security checklist based on OWASP Top 10 (2021), designed for secure development, code review, audit, and vulnerability management in corporate environments.

Resources

Readme

License

View license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages