Exemplo de workflow de segurança que realiza testes SAST, SCA, DAST, Secrets Scan e IaC Scan via GitHub Actions utilizando ferramentas open source.
-
Updated
Jan 29, 2024 - Python
Exemplo de workflow de segurança que realiza testes SAST, SCA, DAST, Secrets Scan e IaC Scan via GitHub Actions utilizando ferramentas open source.
Official Repository for 'Learning DevSecOps' by Michelle Ribeiro for O'Reilly Media
This project provision an ubuntu vm with pre-installed Jenkins, Docker, Kubernetes & git. The main purpose is to test locally CI/CD pipelines before deploying on production. elines.
Our documentation
Automated DevSecOps CICD pipeline for deploying a Netflix clone using Jenkins, Docker, Kubernetes, integrated with email notifications, and monitoring with Grafana and Prometheus.
OWASP Secure Pipeline Verification Standard
Use 'Makefile.sec + Docker' to run security tests in CI/CD pipelines.
Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.
Automated DevSecOps CICD pipeline for deploying a Netflix clone using Jenkins, Docker, Kubernetes, integrated with email notifications, and monitoring with Grafana and Prometheus.
React JS Zomato clone Website
Sample Web App with Maven and Jenkins for DevSecOps CI-CD Demo
Pipeline SAST, DAST, SCA in GitLab CI\CD and push reports to VM
Download Historic Reports using Veracode API
Sample Secure Pipeline with GithHub Actions - Ideal for Open Source Projects
Soteria pipeline with Drone CI and Argo CD
Create an end-to-end Dev(Sec)(Git)Ops CI/CD pipeline to Kubernetes
Add a description, image, and links to the devsecops-pipeline topic page so that developers can more easily learn about it.
To associate your repository with the devsecops-pipeline topic, visit your repo's landing page and select "manage topics."