A collection of resources to make it easy to add secure development practices to your project.

This project is a practical assignment of DevSecOps course: Applying Secure Software Development life cycle (SSDLC) principles through the project.

Create a secure CI/CD Pipeline using CDK and BridgeCrew and Bandit using Python 3

C5-DEC (Common Criteria for Cybersecurity, Cryptography, Clouds – Design, Evaluation and Certification) part of the CyFORT project: a suite of methods and CAD tools dealing with the creation and evaluation of secure IT systems according to the CC standards, capturing SSDLC, V&V, and our cyber-physical system security assessment method

secure helm charts

A curated list of awesome appsec tools available on Ubuntu 🗄️

An open requirement framework focused on the secure development and operation of web-based applications and services.

It contains the pipelines for each application inside this development group. It brings the complete SSDLC, with SAST, SCA, SSCA, and Testing tools for each respective language.

Collect crash (or UndefinedBehaviorSanitizer error) reports, triage, and estimate severity.

Secure SDLC process template

Awesome DevSecOps на русском языке

Ultimate DevSecOps library