Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

DevSecOps, ASPM, Vulnerability Management. All on one platform.

Reconmap is a collaboration-first security operations platform for infosec teams and MSSPs, enabling end‑to‑end engagement management, from reconnaissance through execution and reporting. With built-in command automation, output parsing, and AI‑assisted summaries, it delivers faster, more structured, and high‑quality security assessments.

OWASP BLT is a collection of security tools.

AI-driven Threat modeling-as-a-Code (TaaC-AI)

DevSecOps Toolchain

Ansible Playbooks for Security Automation with Ansible2 book

A Trivy plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive html file.

Efficient DevSecOps

Внедрение и эксплуатация PT Application Inspector. Подробнее: https://habr.com/ru/company/pt/blog/557142/

Library to ingest and generate SBOMs

A curated hub of DevSecOps tools to secure workflows, optimized for CI/CD and more

In this workshop we will build a pipeline for a sample WordPress site in a stack. We will explore how to validate, lint and test templates, and dive deeper in tools that help you enforce compliance and network analysis, together with your development pipeline, for a full DevSecOps CI/CD.

Luminous Onion is a cutting-edge web application designed to revolutionize vulnerability management by seamlessly ingesting security reports from a variety of 3rd party tools. With its intuitive interface and powerful features, Luminous Onion empowers organizations to take charge of their cybersecurity posture like never before.

.4k4xs4pH1r3

Framework for building an individual CI/CD pipeline geared towards embedded systems

A capability modelling and visualisation tool for those on the DevSecOps journey

A reference collection of tools for security into DevOps organized in a chemical periodic table style.

A book for modern software engineering companies on software development teams and digital market competitiveness.

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Secure Software Supply Chain Lifecycle in Cybersecurity.