Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Updated Jul 2, 2024 - Java
Vulnerable app with examples showing how to not use secrets
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during the runtime of a Java application by dynamic hooks.
SonarQube plugin for identifying hardcoded secrets, such as passwords, API keys, AWS credentials, etc.
DevSecOps Project using git, GitHub, Jenkins, Maven, JUnit, SonarQube, Docker, Trivy, Hashicorp Vault, AWS, Kubernetes
Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.
Test and monitor your projects for vulnerabilities with Jenkins. This plugin is officially maintained by Snyk.
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no external dependencies except for chart plotting are used
Export Fortify vulnerability data to GitHub, GitLab, SonarQube and more
Fortify Jenkins plugin
Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.
Sonarqube cloudformation plugin, IaC security supports cfn-nag/checkov
A Java agent that disables platform features you don't use, before an attacker uses them against you.
Mixeway is a security orchestrator for vulnerability scanners which enables easy plug-in integration with CICD pipelines. The MixewayBackend project contains the source code of the backend with all plugin integrations written in Spring Boot.
Jenkins Plugin from Contrast Security
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.
A mind map for collaboratively structuring web application security problems and collecting solutions for them.