Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities

Welcome to CloudCaptain, your one-stop-shop for all things cloud-related!

Integrate SonarQube scanner to GitHub Actions

Configure your Ubuntu 18.04, 20.04, 22.04, 24.04 Desktop as a development workstation for DevOps or DevSecOps

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.

Helps you continuously monitor and fix common security vulnerabilities in your Django application.

A collection of technical and sales resources related to Prisma Cloud Compute and Prisma Cloud Enterprise created for the PANW Channel Partner Ecosystem and other engineers working with the solution

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about DevSecOps in Cybersecurity.

This repo includes a demo that shows how a Kubernetes cluster can be hijacked and how to prevent it using common best practices.

minikube in docker, k3s in docker, dind, low-code/no-code

All that is required to run MobSF in the ci

Git Anti-Virus Scan Action - Detect trojans, viruses, malware & other malicious threats.

Growing repository of Infrastructure as Code demos (initially created for DevOps Wall Street)

Gixposed is a powerful command-line tool designed to search the commit history of Git repositories for sensitive information, such as API keys and access tokens. Its purpose is to help developers and security professionals quickly identify and remediate exposed sensitive informations in their codebases.

Multi-tenancy assets for IBM clients to build SaaS

This action triggers on-demand scans for projects registered in APIsec.

This GitHub Action allows you to run Gitleaks in your GitHub workflow.

Templates to integrate Fortify application security testing with Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP) and Oracle Cloud Infrastructure (OCI)

La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …

A Helm Chart to deploy the Solutions Delivery Platform