devsecops / awesome-devsecops Goto Github PK

Could you please add suggested good trainings on devsevops

This API has been unmaintained for several years, I'm the new owner and keeping it maintained now

• The API code
• Now official
• Official announcement
• Main issue
• Main PR
• What's changed

Interested in a PR?

RhinoSecurityLabs's cloudgoat environment could be a great addtion to your vulnerable targets list.
Link to repo: https://github.com/RhinoSecurityLabs/cloudgoat
Played with it myself a bit, and it's a great package with little to nothing monthly costs

One plus nord 30 5G, step by step to root and run the program?

OWASP Glue aims to ease the process of integrating exciting security tools into CI. I think it worth adding it - but I'm not sure under which tools category it should be.

I think it might be useful to have a section regarding vulnerability scanners; I'm not totally sure that any of them would fit into any of the existing categories (maybe in testing)? The tools I had in mind are the following:

• OpenVAS - https://github.com/greenbone/openvas-scanner
• Clair - https://github.com/coreos/clair

If this seems like a good idea I'd be happy to create a PR.

Thought of adding a section for books, trainings, etc?

I propose some could put the testing tools in categories for easier finding what fits your needs. For example some could categorize in native, web app and serverless. Plus categorizing in language, because the list now is quite long and if you only develop for example with ruby only you should walk through around 30 sources which is quite hard. If you agree with that I would like to do a pr.

These fit into the modern microservices model relatively well and are growing.