devsecops

IAM Least Privilege anmalyzer and Terraformer

Check compliance of AWS configurations to security best practices.

Deploy, update, and stage your WAFs while managing them centrally via FMS

A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster

Visualize AWS inventory and permissions through relationship graphs.

Helps to discover all AWS resources created in an account

API Security Testing with 150+ YAML Tests

Nikto web server scanner

Template based security scanning tool

OSS-Fuzz: Continuous Fuzzing for Open Source Software

CLI DAST tool incubator project

Skipfish is an active web application security reconnaissance tool

Centralized service for inspection, analysis, and certification of container images

Docker vulnerability scanner

CLI tool for directly patching container images

Container signing

Apache v2, powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless.

Docker benchmarking against CIS

Static security scanner for Ansible playbooks, roles, and collections; outputs SARIF, CycloneDX SBOM, and GitLab SAST.

Looks for insecure patterns in CloudFormation

Checkov is a static code analysis tool for infrastructure-as-code

Checkmarx security testing opensource for IaC

Scans your repository with Sysdig IAC Scanner and report the vulnerabilities.

Check compliance of Terraform configurations to AWS security best practices.

Encryption/decryption utility for Ansible data files

AWS secrets manager docs

AWS Vault is a tool to securely store and access AWS credentials in a development environment

allows you to encrypt a Chef Data Bag Item

Gitleaks is a scanning tool for detecting hardcoded secrets

Gitrob is a tool to help find potentially sensitive files pushed to public repositories on Github

ASH is a one stop shop for security scanners, and does not require any installation. It will identify the different frameworks, and download the relevant, up to date tools. ASH is running on isolated Docker containers, keeping the user environment clean, with a single aggregated report. The following frameworks are supported: Git, Python, Javascript, Cloudformation, Terraform and Jupyter Notebooks.

Workflow and process automation

Security orchestration and vulnerability management platform

Security suite for Security Orchestration, vulnerability management and centralized information

AWS Fault injection simulator samples

The Chaos Engine is a tool that is designed to intermittently destroy or degrade application resources running in cloud based infrastructure. These events are designed to occur while the appropriate resources are available to resolve the issue if the platform fails to do so on it's own.

Test how your system behaves under arbitrary pod failures.

It is a cloud-native Chaos Engineering platform that orchestrates chaos on Kubernetes environments

Chaos Monkey is responsible for randomly terminating instances in production to ensure that engineers implement their services to be resilient to instance failures.

CLI tool to delete all resources in an AWS account

Check compliance of Azure configurations to security best practices.

Visualize Azure inventory and permissions through relationship graphs.

Check ARM, Bicep or Live Azure Tenant for security configuration best practices

Check Azure DevOps project for security configuration best practices