Skip to content

An application to assist in the organization and prioritization of software security activities.

License

Notifications You must be signed in to change notification settings

aparsons/bag-of-holding

Repository files navigation

Bag of Holding

The Bag of Holding is an application to assist in the organization and prioritization of software security activities.

Check out these talks which cover building your own AppSec pipeline:

Releases

For information about what's new as well as known issues, see RELEASES.md

Development Setup

For information on setting up a development environment, see INSTALL.md.

Docker Startup

Build and start the container

docker build -t bag-of-holding .
docker run -d -p 8000:8000 --name boh-server bag-of-holding:latest

Create super-user

docker exec -it boh-server sh
python3 /bag-of-holding/project/manage.py createsuperuser

Commands

ThreadFix

The following command will retrieve the latest metrics from ThreadFix for connected applications. We recommend this be run daily as a Cron job.

python manage.py cron --threadfix

License