{"id":6430,"url":"https://github.com/devops-ru/awesome-devsecops_ru","name":"awesome-devsecops_ru","description":"Подборка выступлений и публикаций на тему DevSecOps на русском и не только)","projects_count":38,"last_synced_at":"2026-06-17T16:00:26.982Z","repository":{"id":94055347,"uuid":"167821576","full_name":"devops-ru/awesome-devsecops_ru","owner":"devops-ru","description":"Подборка выступлений и публикаций на тему DevSecOps на русском и не только)","archived":false,"fork":false,"pushed_at":"2020-08-03T16:04:20.000Z","size":24,"stargazers_count":80,"open_issues_count":0,"forks_count":8,"subscribers_count":11,"default_branch":"master","last_synced_at":"2026-05-15T10:03:46.051Z","etag":null,"topics":["awesome","devsecops"],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc-by-4.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/devops-ru.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2019-01-27T15:02:38.000Z","updated_at":"2026-04-18T16:05:33.000Z","dependencies_parsed_at":"2023-04-28T04:31:02.105Z","dependency_job_id":null,"html_url":"https://github.com/devops-ru/awesome-devsecops_ru","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/devops-ru/awesome-devsecops_ru","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-ru%2Fawesome-devsecops_ru","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-ru%2Fawesome-devsecops_ru/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-ru%2Fawesome-devsecops_ru/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-ru%2Fawesome-devsecops_ru/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/devops-ru","download_url":"https://codeload.github.com/devops-ru/awesome-devsecops_ru/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-ru%2Fawesome-devsecops_ru/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33753925,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-31T02:00:06.040Z","response_time":95,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"created_at":"2024-01-07T06:07:18.443Z","updated_at":"2026-06-17T16:00:26.982Z","primary_language":null,"list_of_lists":false,"displayable":true,"categories":["Видео выступлений","Статьи","Обучение, курсы","Книги","Best practices","Безопасность облачных платформ (Clouds)","Разное"],"sub_categories":["Amazon Web Services (AWS)","Google Cloud Platform (GCP)"],"readme":"# Awesome DevSecOps RU  [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)\n\nПодборка выступлений и публикаций на тему DevSecOps на русском и не только)\n\nПредложения и вопросы по контенту пишите пожалуйста в [issues](https://github.com/devsecops-ru/awesome-devsecops_ru/issues)\n\nА еще у нас есть [канал в телеграмме ヅ](https://t.me/devsecops_ru)\n\n## Видео выступлений\n\n* [Управление секретами при помощи Hashicorp Vault // Сергей Носков, Avito](https://youtu.be/klC4ssaPHZY), [DevOps Moscow meetup](https://www.meetup.com/DevOps-Moscow-in-Russian/), [слайды](https://speakerdeck.com/devopsmoscow/upravlieniie-siekrietami-v-avito-pri-pomoshchi-hashicorp-vault)\n* [Управление секретами при помощи Hashicorp Vault в Авито / Сергей Носков (Авито) (DevOpsConf Russia 2018)](https://youtu.be/oDdDPU6moTs)\n* [Страх и ненависть DevSecOps // Шабалин Юрий, Swordfish Security](https://youtu.be/ROH636e7Rx8), [DevOps Moscow meetup](https://www.meetup.com/DevOps-Moscow-in-Russian/), [слайды](https://speakerdeck.com/devopsmoscow/strakh-i-nienavist-devsecops)\n* [Security Compliance \u0026 DevOps // Степан Носов, IPONWEB](https://youtu.be/BtFeWnR1xXE), [DevOps Moscow meetup](https://www.meetup.com/DevOps-Moscow-in-Russian/), [слайды](https://speakerdeck.com/devopsmoscow/security-compliance-and-devops)\n* [Безопасность в Kubernetes (Дмитрий Лазаренко, Mail.Ru Cloud Solutions) / ♥ Kubernetes meetup](https://youtu.be/62XWgBIYnJ8)\n* [Practical steps for securing your container deployment, Liz Rice, Aqua Security](https://youtu.be/WSiCZ6v35gw), [страница доклада на DevOops 2018](https://2018.devoops.ru/2018/spb/talks/2yl4oqifo4oqqmwwgwg4as/)\n* [Modern security with microservices and the cloud, Seth Vargo, Google](https://youtu.be/Qx2N6EDIIow), [страница доклада на DevOops 2018](https://2018.devoops.ru/2018/spb/talks/14ss0jq4v8ci4ekuoewew6/)\n* [Мониторинг безопасности сайтов / Григорий Земсков (Ревизиум) (РИТ++2018, RootConf)](https://youtu.be/NbN_uOxRHOo)\n* [Enabling shift-left for 12k banking developers from scratch (DevSecCon London 2018)](https://youtu.be/6IRz6F5Y4Zo?list=PLZN13UbkqPfWNy4WUd0UuWYCss69n7A10)\n* [Maginot Line - 6 Common AppSec Anti-Patterns Preventing your Success (DevSecCon Singapore 2018)](https://youtu.be/u0tUea0Cbdc?list=PLZN13UbkqPfUmt4IZmoTWcbou-oxUivoV)\n\n## Статьи\n\n* [Безопасность internal сервисов, Всеволод Поляков](https://dvps.blog/biezopasnost-internal-siervisov)\n* A guide to automating HashiCorp Vault from Gruntwork [1](https://blog.gruntwork.io/a-guide-to-automating-hashicorp-vault-1-auto-unsealing-b219970f02c6), [2](https://blog.gruntwork.io/a-guide-to-automating-hashicorp-vault-2-authenticating-with-instance-metadata-c3f9eaeaba53), [3](https://blog.gruntwork.io/a-guide-to-automating-hashicorp-vault-3-authenticating-with-an-iam-user-or-role-a3203a3ee088)\n* [TLDR Безопасность разработки в Agile проектах](https://medium.com/some-tldrs-ru/tldr-безопасность-разработки-в-agile-проектах-f53f55298231)\n* [What Your Kubernetes Security Checklist Might Be Missing by Jim Bugwadia from Nirmata](https://thenewstack.io/what-your-kubernetes-security-checklist-might-be-missing/)\n* [A continuation of devops: policy as code by Gareth Rushgrove, QCon London 2019](https://speakerdeck.com/garethr/a-continuation-of-devops-policy-as-code)\n* [CONTINUOUS SECURITY IN THE DEVOPS WORLD by JULIEN VEHENT from MOZILLA SECURITY](https://jvehent.github.io/continuous-security-talk/#/)\n* [Саммари “Unit Testing Your Kubernetes Configurations Using Open Policy Agent — Gareth Rushgrove”, KubeCon + CloudNativeCon Europe 2019](https://medium.com/@Nklya/summary-unit-testing-your-kubernetes-configurations-using-open-policy-agent-gareth-rushgrove-81c3e6e15a91)\n* [Software Security Field Guide for the Bewildered от Ian Miell](https://zwischenzugs.com/2019/09/22/software-security-field-guide-for-the-bewildered/)\n* [The Path Less Traveled: Abusing Kubernetes Defaults, Black Hat USA 2019](https://speakerdeck.com/iancoldwater/the-path-less-traveled-abusing-kubernetes-defaults)\n* Серия статей про безопасность Docker от Swordfish Security:\n  * [Безопасность Docker](https://swordfishsecurity.ru/blog/docker_security)\n  * [Обзор утилит безопасности Docker](https://swordfishsecurity.ru/blog/obzor-utilit-bezopasnosti-docker)\n  * [Способы и примеры внедрения утилит для проверки безопасности Docker](https://swordfishsecurity.ru/docker-security-scanning-examples)\n  * [Репозиторий с примерами из статей](https://github.com/Swordfish-Security/docker_cicd/)\n\n## Обучение, курсы\n\n* [Платформа для изучения HashiCorp Vaut](https://learn.hashicorp.com/vault/)\n* [Крутая подборка небольших описаний методологий разработки](https://www.developmentthatpays.com/cheatsheets). Скидывайте вашим коллегам, если они не в теме)\n* [Security in Google Cloud Platform Specialization (Coursera)](https://www.coursera.org/specializations/security-google-cloud-platform/)\n\n## Книги\n\n* [Безопасность разработки в Agile проектах](https://dmkpress.com/catalog/computer/securuty/978-5-97060-648-3/)\n\n## Best practices\n\n* [The Early Security Engineer’s First 90 Days Checklist](https://www.sqreen.com/checklists/security-engineer-checklist)\n* [AWS Security Best Practices](https://www.sqreen.com/resources/aws-security-best-practices)\n* [10 Docker Image Security Best Practices](https://snyk.io/blog/10-docker-image-security-best-practices/)\n\n## Безопасность облачных платформ (Clouds)\n\n### Amazon Web Services (AWS)\n\n* [AWS re:Invent 2017: Making the Shift from DevOps to Practical DevSecOps (ABD337)](https://youtu.be/BAsLEsEVThM)\n* [DevOps and Cyber Security in AWS (DevSecOps)](https://medium.com/@block_matrix/devops-and-cyber-security-in-aws-devsecops-711a11bf8e7)\n\n### Google Cloud Platform (GCP)\n\n* [8 Google Cloud Security Best Practices](https://blog.paloaltonetworks.com/2019/04/8-google-cloud-security-best-practices/)\n* [A Security Practitioners Guide to Best Practice GCP Security (Cloud Next '18)](https://youtu.be/ZQHoC0cR6Qw)\n* [Best Practices for Privacy and Security in GCE (Cloud Next '19)](https://youtu.be/qDyjE1fIqkk)\n\n## Разное\n\n* [Linux logs data sources (for Information Security purposes). Links to appropriate Splunk Apps are available as well](https://docs.google.com/spreadsheets/d/1ccXuv4KZ1ndNFKwNuXpTgvgMgvQ16joUI408v232a9I) by [Rustam Abdullin](https://www.linkedin.com/in/rustam-abdullin-11010635/)\n* [DevSec Hardening Framework](https://dev-sec.io)\n* [Secure DevOps Practices poster](https://www.sans.org/security-resources/posters/secure-devops-practices/175/download)\n","projects_url":"https://awesome.ecosyste.ms/api/v1/lists/devops-ru%2Fawesome-devsecops_ru/projects"}