• An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

    942 214 CC0-1.0 Updated Jul 24, 2018
  • Ruby 3 6 Apache-2.0 Updated Jul 17, 2018
  • An automation framework for finding and reporting bugs using chains

    Apache-2.0 Updated Apr 6, 2018
  • A open contribute bootcamp to develop DevSecOps skills...

    Shell 216 156 Apache-2.0 Updated Feb 12, 2018
  • An AWS cross-account tool to support human access with MFA for the CLI and GUI.

    Ruby 17 7 Apache-2.0 Updated Jan 19, 2018
  • 1 MIT Updated Dec 1, 2017
  • Python 29 14 Updated Aug 1, 2017
  • JavaScript 1 Updated Jul 6, 2017
  • Prevents you from committing secrets and credentials into git repositories

    Shell 6 243 Apache-2.0 Updated Jun 27, 2017
  • Ruby 9 5 Apache-2.0 Updated Apr 14, 2017
  • Metasploit Framework

    Ruby 7,057 Updated Mar 31, 2017
  • A very hackable serverless application in AWS Lambda

    Go 1 10 MIT Updated Mar 1, 2017
  • A repository for wardley maps related to security topics.

    17 2 MIT Updated Feb 15, 2017
  • Coordination is key to success and originates from experiments that begin with manual operations and later get automated to scale. Playbook helps with this process and provides an automation framework to support this maturation process.

    6 2 Apache-2.0 Updated Jan 27, 2017
  • Apache-2.0 Updated Jan 16, 2017
  • It's time for some serious insights and for sharing the wealth. Here, we'll share the science behind making security decisions.

    3 Apache-2.0 Updated Jan 16, 2017
  • An extreme bootcamp to enable teams to build DevSecOps into their environment.

    GCC Machine Description 4 1 Apache-2.0 Updated Jan 16, 2017
  • Go 3 Apache-2.0 Updated Jan 16, 2017
  • Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.

    GCC Machine Description 13 16 Apache-2.0 Updated Nov 24, 2016
  • Everyone is a hero in their own way. This repo provides a means of capturing the stories for DevSecOps heroes.

    3 Updated Oct 16, 2016
  • Your infrastructure is moving and so is your root of trust. This project helps to define a new control plane for locking down access and policies.

    7 4 Apache-2.0 Updated Aug 7, 2016
  • A platform to create, catalog and deploy tests for tools such as Gauntlt, AttackIQ and Metasploit.

    Ruby 7 6 Updated Jul 22, 2016
  • Forecast is a big data environment for understanding security anomalies as they are presented in a project and is meant to aid in the collection of data for the end-to-end CICD pipeline.

    Ruby 13 3 Apache-2.0 Updated Jun 17, 2016
  • Weatherman helps with visualizing security information and metrics for DevOps teams to remediate defects.

    3 Apache-2.0 Updated Jun 17, 2016
  • We host the DevSecOps projects site on Github Pages with the interface located here.

    CSS 4 2 Updated May 25, 2016
  • Radar provides for early checks and review for software defined templates.

    Ruby 17 2 Apache-2.0 Updated May 7, 2016
  • a ruggedization framework that embodies the principle "be mean to your code"

    Ruby 118 MIT Updated Apr 15, 2016
  • This repository contains information about DevSecOps and how to get involved in this community effort.

    42 10 Updated Apr 7, 2016
  • This repo contains a collection of scripts to help with checks for SSL

    Shell 8 4 Updated May 1, 2014