A ruggedization framework for security testing that is usable by developers, operations, and security teams.
A security linting framework with IDE plugins and CLI tools that detects vulnerabilities as developers write code.
A security scanner that analyzes agentic AI workflows for vulnerabilities, visualizes their structure, and hardens system prompts.
Regula checks infrastructure as code templates for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego.
Pike determines the minimum IAM permissions required to run OpenTofu/Terraform infrastructure code.
A security linter for npm and yarn lockfiles to detect malicious package injections and enforce trust policies.
A lightweight static analysis tool that validates security and correctness characteristics of Windows PE and Linux ELF binaries.
An ATT&CK-like threat matrix mapping adversary tactics and techniques specific to CI/CD pipeline security.
A Kubernetes RBAC static analysis tool that identifies security risks and visualizes RBAC design.
A security tool that scans code for secrets and passwords in JSON, JavaScript, and YAML files via CLI or GitHub PR webhooks.
A lightweight Python utility for running common security tests against GraphQL APIs, ideal for CI/CD checks.
A collection of GitHub Actions for Snyk to check projects for vulnerabilities across multiple languages and tools.
A deprecated GitHub Action for scanning code with SonarQube Cloud to detect quality and security issues.
A deployment checklist for securely deploying Docker containers on Linux-based hosts.
A curated collection of offensive security research, techniques, and tools for attacking CI/CD pipelines and software supply chains.
A static application security testing (SAST) CLI tool that scans source code for OWASP Top 10 vulnerabilities across multiple programming languages.
A fast scanning and attack toolkit for identifying and exploiting GitHub Actions vulnerabilities at scale.
A security-hardened container runtime for AI coding agents using Incus system containers with real-time threat detection and credential isolation.
A kubectl plugin for security risk analysis of Kubernetes resources like pods, deployments, daemonsets, and statefulsets.
A CI/CD framework powered by Nix for building secure and reproducible software supply chains.
A DevOps-first CLI tool for documenting threat models using HashiCorp Configuration Language (HCL).
A Visual Studio extension for real-time .NET secure code analysis that displays vulnerabilities as compiler warnings.
Open-source static analysis tool for Python, TypeScript, and Go that detects dead code, security vulnerabilities, and AI-generated regressions.
A Kubernetes admission controller that enforces security and reliability policies for workloads in multi-tenant clusters.
A curated list of resources for detecting threats and defending Kubernetes systems.
A framework to help organizations formulate and implement a strategy for software security tailored to their specific risks.
A security inspection tool for managed Kubernetes clusters that identifies common misconfigurations via Docker container and web UI.
A lightweight static analyzer for developers that finds code patterns across multiple programming languages.
A static security scanner for PHP code that identifies potential vulnerabilities without executing the code.
A GitHub scanning tool that identifies hardcoded credentials and filters false positives using machine learning models.
A security scanning CLI tool that detects vulnerabilities, secrets, and outdated dependencies across multiple programming languages.
A static application security testing (SAST) tool for PHP that detects vulnerabilities like XSS through taint analysis.
Collects assets and relationships from cloud, SaaS, and security systems into a Neo4j graph for security analysis.
A tool for extracting secrets from CI/CD environments by deploying malicious pipelines, supporting Azure DevOps, GitHub, and GitLab.
A CLI tool that validates AWS IAM policies in Terraform templates against AWS IAM best practices and custom checks.
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.