Git Product home page Git Product logo

DevSecOps

Welcome to the DevSecOps initiative and software repositories. These repositories are meant to help build a community around DevOps + Security experimentation and lessons intended to help scale and deliver Rugged software. This is the primary repository to help with understanding the mission and getting involved. This is an actively evolving project and is intended to change over time.

This DevSecOps repository has been created to help security practitioners to understand DevSecOps, how to operate, and how to contribute to this effort.

#What is DevSecOps?

In summary, DevSecOps is a Rugged experiment intended to help us understand how to operate and scale Security to support DevOps. Several years ago, many of us realized that Josh Corman was right: "This is the end of Security as we know it." And to ensure the continued safety of the software developed via DevOps, we decided to lean in to experiment and learn what was required to scale security decisions and speed up security feedback for DevOps teams.

You can find more details here: What is DevSecOps? and also by reading the LinkedIn post first introduced on the DevSecOps web site.

devsecops's Projects

assumer icon assumer

An AWS cross-account tool to support human access with MFA for the CLI and GUI.

awesome-devsecops icon awesome-devsecops

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

bootcamp icon bootcamp

A open contribute bootcamp to develop DevSecOps skills...

controlplane icon controlplane

Your infrastructure is moving and so is your root of trust. This project helps to define a new control plane for locking down access and policies.

devsecops icon devsecops

This repository contains information about DevSecOps and how to get involved in this community effort.

devsecops.github.io icon devsecops.github.io

We host the DevSecOps projects site on Github Pages with the interface located here.

firebolt icon firebolt

A platform to create, catalog and deploy tests for tools such as Gauntlt, AttackIQ and Metasploit.

forecast icon forecast

Forecast is a big data environment for understanding security anomalies as they are presented in a project and is meant to aid in the collection of data for the end-to-end CICD pipeline.

gauntlt icon gauntlt

a ruggedization framework that embodies the principle "be mean to your code"

git-secrets icon git-secrets

Prevents you from committing secrets and credentials into git repositories

heroes icon heroes

Everyone is a hero in their own way. This repo provides a means of capturing the stories for DevSecOps heroes.

lambhack icon lambhack

A very hackable serverless application in AWS Lambda

playbook icon playbook

Coordination is key to success and originates from experiments that begin with manual operations and later get automated to scale. Playbook helps with this process and provides an automation framework to support this maturation process.

radar icon radar

Radar provides for early checks and review for software defined templates.

raindance icon raindance

Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.

science icon science

It's time for some serious insights and for sharing the wealth. Here, we'll share the science behind making security decisions.

ssl_checks icon ssl_checks

This repo contains a collection of scripts to help with checks for SSL

wardley-maps icon wardley-maps

A repository for wardley maps related to security topics.

weatherman icon weatherman

Weatherman helps with visualizing security information and metrics for DevOps teams to remediate defects.

wm icon wm

An automation framework for finding and reporting bugs using chains

x-bootcamp icon x-bootcamp

An extreme bootcamp to enable teams to build DevSecOps into their environment.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.