awesome-devsecops

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

GitHub

5k stars

251 watching

968 forks

last commit: 5 months ago

devopsdevsecopspodcastthreat-intelligence

Screenshot of devsecops/awesome-devsecops website

devsecops.org

Information / Guidelines
Introduction to DevSecOps - DZone Refcard
Security Champions Playbook	342	about 1 year ago
Security Guide for Web Developers	20,909	over 2 years ago
A practical guide to build DAST with OWASP Zap	33	over 5 years ago
Introduction to security testing and tools
DevSecOps Hub
Information / Presentations
DevSecOps: Taking a DevOps Approach to Security
Mozilla's Test Driven Security in Continuous Integration
Security DevOps - staying secure in agile projects
Veracode's Defending the Cloud from a Full Stack Hack
Put Your Robots to Work: Security Automation at Twitter
The Three Faces of DevSecOps
Information / Initiatives
AWS Labs
DevOps and Audit Resources
DevSecOps
OpenDevSecOps
Rugged DevOps
Information / Keeping Informed
AWS Security
Azure Security
Ruby Weekly
Security Newsletter
SRE Weekly
Information / Wardley Maps for Security
Check out Figure 6 for Comparisons
DevSecOps Repo for Security Maps	46	over 7 years ago
Introduction to Wardley Maps
Security Industry Example
SOC Value Chain & Delivery Models
Training / Labs
DevSecOps Bootcamp	670	about 1 year ago
Exercism
Infoseclabs
Infrastructure Monitoring	124	over 7 years ago
Pentester Lab
Vulnhub
Training / Vulnerable Test Targets
Damn Vulnerable Web Application	10,023	12 days ago	(PHP/MySQL)
LambHack	94	almost 5 years ago	(Lambda)
Metasploitable			(Linux)
Mutillidae			(PHP)
NodeGoat	1,869	4 months ago	(Node)
OWASP Damn Vulnerable Serverless Application (DVSA)	532	about 1 year ago	(AWS Serverless)
OWASP Juice Shop	522	about 1 year ago	(NodeJS/Angular)
RailsGoat	866	about 2 months ago	(Rails)
WebGoat	6,892	12 days ago	(Web App)
WebGoat.Net	69	about 9 years ago	(.NET)
WebGoatPHP	119	7 months ago	(PHP)
Training / Conferences
AWS re:Inforce
AWS re:Invent
DevSecCon
DevOps Connect
DevOps Days
Goto Conference
IP Expo
ISACA Ireland
RSA Conference
All Day DevOps
Training / Podcasts
Arrested DevOps
Brakeing Down Security Podcast
Darknet Diaries
Defensive Security Podcast
DevOps Cafe
Down The Security Rabbithole
Food Fight Show
OWASP 24/7
Risky Business
Social Engineering Podcast
Software Engineering Radio
Take 1 Security Podcast
Tenable Security Podcast
The Secure Developer
Trusted Sec Podcast
Training / Books
DevOpsSec
Docker Securitiy - Quick Reference
Holistic Info-Sec for Web Developers
Securing DevOps
The DevOps Handbook (Section VI)
Tools / Dashboards
Grafana
Kibana
Tools / Automation
Demisto
OWASP Glue	522	about 1 year ago
StackStorm	6,053	9 days ago
Insider CLI	509	over 2 years ago
Tools / Hunting
GRR	4,756	25 days ago
kube-hunter	4,729	7 months ago
mig	1,206	about 5 years ago
Mirador
moloch	6,286	12 days ago
MozDef	2,168	almost 3 years ago
osquery
OSSEC
osxcollector	1,871	over 5 years ago
Tools / Testing
Brakeman
Checkov	7,016	5 days ago
Chef Inspec	2,849	7 days ago
Contrast Security
Cohesion
David
Deepfence ThreatMapper	4,781	5 days ago
Gauntlt
Hakiri
HusckyCI	571	5 months ago
Infer
IronWASP
kube-bench	6,981	1 day ago
Lynis
microscanner	858	over 3 years ago
Node Security Platform
npm-check
npm-outdated
OSS Fuzz	10,334	12 days ago
OWASP OWTF
OWASP ZAP
OWASP ZAP Node API	46	12 days ago
Progpilot	324	2 months ago
PureSec (Serverless Security)
RetireJS	3,663	8 days ago
RIPS
ShiftLeft Scan
Snyk
SourceClear
Tools / Alerting
411	971	over 1 year ago
Alerta	2,364	12 days ago
Elastalert	7,991	about 2 months ago
MozDef	2,168	almost 3 years ago
Tools / Threat Intelligence
Alien Vault OTX
Critical Stack
IBM X-Force
IntelMQ Feeds	63	5 months ago
OpenTPX
Passive Total
STIX, TAXII
Threat Connect
Tools / Attack Modeling
CAPEC
IriusRisk
Larry Osterman's Threat Modeling
SDL Threat Modeling Tool
SeaSponge
Threat Risk Modeling
Tools / Secret Management
BlackBox	6,678	2 months ago
Conjur	758	17 days ago
CredStash	2,058	over 2 years ago
Git Secrets	12,333	6 months ago
Keybase
Sops	16,431	11 days ago
Transcrypt	1,458	20 days ago
Vault
Tools / Red Team
EyeWitness	11	4 months ago
Hound	5,643	3 months ago
Tools / Visualization
Gephi
ShadowBuster	78	about 9 years ago
Wazuh
Tools / Sharing
Gitbook
Speaker Deck
Tools / ChatOps
Gitter
HipChat
MatterMost
Riot
Slack

awesome-devsecops

Information / Guidelines

Information / Presentations

Information / Initiatives

Information / Keeping Informed

Information / Wardley Maps for Security

Training / Labs

Training / Vulnerable Test Targets

Training / Conferences

Training / Podcasts

Training / Books

Tools / Dashboards

Tools / Automation

Tools / Hunting

Tools / Testing

Tools / Alerting

Tools / Threat Intelligence

Tools / Attack Modeling

Tools / Secret Management

Tools / Red Team

Tools / Visualization

Tools / Sharing

Tools / ChatOps