awesome-oss-devsec

Security checklist

A curated list of developer-first security tools and controls relevant to compliance certifications.

An awesome list of OSS developer-first security tools

Awesome Open-Source Developer Security Tools

Respond to security reports within a reasonable time frame | * https://mvsp.dev/mvsp.en/index.html[MVSP 1.1]
Ensure non-production environments do not contain production data | * https://mvsp.dev/mvsp.en/index.html[MVSP 1.2]
Comply with local laws and regulations in jurisdictions applicable to your company and your customers, such as GDPR, Binding Corporate Rules, and Standard Contractual Clauses | * https://mvsp.dev/mvsp.en/index.html[MVSP 1.6]
SOC2 | * https://github.com/deepfence/ThreatMapper[Deepfence ThreatMapper]
https://hub.steampipe.io/mods?objectives=compliance[Steampipe Compliance Mods]
Include the following information in the notification: ** Relevant point of contact ** Preliminary technical analysis of the breach ** Remediation plan with reasonable timelines | * https://mvsp.dev/mvsp.en/index.html[MVSP 1.7]
SOC2 CC6.1 | * https://github.com/boxyhq/jackson[BoxyHQ SAML Jackson]
SOC2 CC6.1 | * https://www.aserto.com[Aserto]
https://github.com/boxyhq/jackson#directory-sync[BoxyHQ Directory Sync]
https://github.com/casbin/casbin[Casbin]
https://cerbos.dev[Cerbos]
https://github.com/ory/keto[Keto]
https://github.com/osohq/oso[Oso]
Include the Strict-Transport-Security header on all pages with the directive | * https://mvsp.dev/mvsp.en/index.html[MVSP 2.2]
SOC2 CC6.7 | * https://hub.steampipe.io/plugins/turbot/net[Steampipe Net Plugin]
https://github.com/drwetter/testssl.sh[testssl.sh]
SOC2 CC7.1 | * https://owasp.org/www-project-dependency-check[OWASP Dependency Check]
https://owasp.org/www-project-dependency-track[OWASP Dependency Track]
SOC2 CC7.2 | * https://github.com/retracedhq[BoxyHQ Audit Logs]
https://www.elastic.co/elastic-stack[ELK Stack]
https://www.fluentd.org[FluentD]
https://steampipe.io[Steampipe]
Periodically test backup restoration | * https://mvsp.dev/mvsp.en/index.html[MVSP 2.8]
https://github.com/Bearer/bearer[Bearer]
Use of vulnerable libraries | * https://mvsp.dev/mvsp.en/index.html[MVSP 3.3]
SOC2 CC7.1 | * https://owasp.org/www-project-top-ten[OWASP Top Ten]
https://owasp.org/www-project-zap/[OWASP Zap]
https://hub.steampipe.io/mods/turbot/net_insights[Steampipe Net Insights mod]
https://wapiti-scanner.github.io[Wapiti Scanner]
https://github.com/Bearer/bearer[Bearer]
SOC2 CC7.1 | * https://github.com/bridgecrewio/AirIAM[AirIAM]
https://github.com/aquasecurity/cloudsploit[Cloudsploit]
https://github.com/deepfence/ThreatMapper[Deepfence ThreatMapper]
https://github.com/controlplaneio/kubesec[Kubesec Kubernetes security]
https://github.com/prowler-cloud/prowler[Prowler for AWS]
https://hub.steampipe.io/mods?objectives=compliance,security[Steampipe Compliance & Security mods]
https://github.com/aquasecurity/trivy[Trivy container scanner]
SOC2 CC7.1 | * https://github.com/GitGuardian/ggshield[GitGuardian]
https://github.com/zricethezav/gitleaks[Gitleaks]
https://hub.steampipe.io/plugins/turbot/code[Steampipe Code Plugin]
https://github.com/Bearer/bearer[Bearer]
