devsecops
Projects with this topic
-
Organisation for #everyonecancontribute cafe sessions (ideas & tasks)
Updated -
This basic note-taking application is used to showcase the different GitLab features around security and governance. To get started checkout the Full Tutorial Documentation.
Updated -
To fail a pipeline if any raw secrets are found in the code. It uses the GitGuardian API to scan for secrets.
Updated -
Security pipelines
Updated -
Simple Notes Application deployed to AWS EKS cluster.
Updated -
This project leverages GitLab's DevOps platform to demonstrate the seamless integration of development, security, and operations in deploying a cloud-native application. It highlights GitLab CI/CD pipelines and security scanning, showcasing a streamlined, secure software delivery process.
Updated -
Talk resources, demos, prompts
Updated -
Shiftleft CLI auto builder for Docker Hub
Updated -
-
GitLab Duo Coffee Chat, hosted by @dnsmichi Guest: Michael Aigner, @tonka3000
Updated -
-
Scans selected files for patterns stated in rules. This is used in order to find secrets you may have accidentally written to a file. This scanner is used to show how the GitLab vulnerability report can be populated by a custom scanner. You can see a demo of it in action be following the documentation in the Secret List project.
Updated -
Basic note-taking application used to learn how to implement DevSecOps with GitLab. Be sure to start by reading the docs!
Updated -
Runs a vulnerability scan using OpalOPC against a target server and creates an HTML and a SARIF report for the scan on completion.
Updated -
AI DevSecOps Serverless Scanners.
Updated -
Проект представляет собой GitLab репозиторий, настроенный для автоматической сборки и проверки Docker образов с использованием CI/CD pipeline. Основной целью проекта является демонстрация процесса интеграции и непрерывной доставки (CI/CD) в разработке программного обеспечения, а также контроль безопасности образов Docker при помощи инструмента Trivy. Проект включает в себя создание двух Docker образов, одного с критическими уязвимостями и другого с не критическими, и автоматическое управление merge requests для обеспечения безопасности и качества кода. Результаты работы проекта могут быть проверены и просмотрены в разделе "Code" > "Merge requests" на Gitlab.com.
Updated -
-
Damn Vulnerable NodeJS Application used as a POC for upcoming DevSecOps pipeline.
Updated -
A wiki on cloud security
Updated -
SecureApps@CI is a system for incorporating arbitrary safety tests in CI/CD pipelines.
Updated