Hello!
Here, I've curated a list of DevSecOps repositories that are available on GitHub.
For each repo, I added a description and statistics about a number of topics and mentioned tools.
last updated: 3 months ago
Stars: 1,2k
About:
“Curating the best DevSecOps resources and tooling.
DevSecOps is an extension of the DevOps movement that aims to bring security practices into the development lifecycle through developer-centric security tooling and processes.”
Ten tools topics with more than 100 useful tools. Links to the training, wikis, and a lot of useful resources about DevSecOps.
last updated: 2 months ago Stars: 5,3k
About:
“The Ultimate DevSecOps Library
This library contains a list of tools and methodologies accompanied by resources. The main goal is to provide to the engineers a guide through open source DevSecOps tooling. This repository covers only cyber security in the cloud and the DevSecOps scope.”
Seventeen topics with more than 200 useful tools. Links to the white papers, blogs, other Github repos, and a lot of helpful resources about DevSecOps.
last updated: 10 months ago Stars: 64
About:
“DevSecOps Project using git, GitHub, Jenkins, Maven, JUnit, SonarQube, Docker, Trivy, Hashicorp Vault, AWS, Kubernetes.
In this project, I created an end-to-end CI/CD pipeline while keeping in mind Securities Best Practices and DevSecOps principles and used all these tools Git, GitHub, Jenkins,Maven, Junit, SonarQube, Docker, Trivy, AWS S3, Docker Hub, Kubernetes, Slack, and Hashicorp Vault, to achieve the goal.”
This repository will be of interest to anyone looking to build a test project from scratch while implementing DevSecOps principles.
last updated: 3 years ago Stars: 4,4k
About:
“Inspired by the awesome-* trend on GitHub. This is a collection of documents, presentations, videos, training materials, tools, services and general leadership that support the DevSecOps mission. These are the essential building blocks and tidbits that can help you arrange for a DevSecOps experiment or build out your own DevSecOps program.”
Twelve topics with more than 80 useful tools. Links to the podcasts, guidelines, conferences (like DevSecCon or RSAC), and a lot of helpful resources about DevSecOps.
last updated: 2 months ago Stars: 1,8k
About:
“This playbook will help you introduce effective DevSecOps practices in your company, regardless of size. We provide explicit guidance and actionable steps to introduce security controls, measure their effectiveness, and demonstrate value for money to your business leaders. Following this playbook will help teams build materially more secure applications, and that, in the end, is the intent.”
last updated: 2 months ago Stars: 1,6k
About:
“♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe.
Spending a lot of time on applying DevSecOps is searching, comparing, and making decisions about tools. These tool lists are a good way to help you reduce unnecessary time and apply them quickly.”
Seven tools topics with more than 40 useful links to other resources about all of the application lifecycle (from design to operation and monitoring).
I hope you found this list helpful and that you found some useful information (because I did), even if you weren’t planning on starting a career in DevSecOps.
Also, I noticed that the awesome-devsecops repo with a lot of valuable tools hadn’t been updated for more than 3 years. Should I fork and support it, will it be useful for the community, what do you think?