An enterprise friendly way of detecting and preventing secrets in code.
created at Dec. 5, 2017, 12:38 a.m.
ansible-lint checks playbooks for practices and behavior that could potentially be improved and can fix some of the most common ones for you
created at Aug. 14, 2013, 11:08 a.m.
Write tests against structured configuration data using the Open Policy Agent Rego query language
created at March 28, 2019, 5:12 p.m.
Memorable site for testing clients against bad SSL configs.
created at April 7, 2015, 10:37 p.m.
Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.
created at Sept. 16, 2018, 1:19 p.m.
A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.
created at Oct. 14, 2014, 10:10 a.m.
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
created at Dec. 29, 2019, 6:30 a.m.
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
created at March 27, 2020, 4:56 p.m.
Vulnerability Patterns Detector for C# and VB.NET
created at Dec. 31, 2017, 9:38 a.m.