{"id":23864897,"url":"https://github.com/dsogroup/devsecops","last_synced_at":"2026-02-11T13:01:54.513Z","repository":{"id":61851060,"uuid":"445203116","full_name":"dsogroup/DevSecOps","owner":"dsogroup","description":"开发和安全和运营：DevSecOps-Software development (Dev) and Security (Sec) and IT operations (Ops).","archived":false,"fork":false,"pushed_at":"2024-04-13T07:28:06.000Z","size":20863,"stargazers_count":26,"open_issues_count":0,"forks_count":7,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-10-31T01:36:11.610Z","etag":null,"topics":["0e0w","devops","devsecops"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dsogroup.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-01-06T14:43:03.000Z","updated_at":"2025-09-16T14:36:53.000Z","dependencies_parsed_at":"2024-04-19T04:00:53.146Z","dependency_job_id":null,"html_url":"https://github.com/dsogroup/DevSecOps","commit_stats":null,"previous_names":["dsogroup/devsecops","astteam/devsecops"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/dsogroup/DevSecOps","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dsogroup%2FDevSecOps","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dsogroup%2FDevSecOps/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dsogroup%2FDevSecOps/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dsogroup%2FDevSecOps/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dsogroup","download_url":"https://codeload.github.com/dsogroup/DevSecOps/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dsogroup%2FDevSecOps/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29333155,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-11T12:42:24.625Z","status":"ssl_error","status_checked_at":"2026-02-11T12:41:23.344Z","response_time":97,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["0e0w","devops","devsecops"],"created_at":"2025-01-03T08:46:16.967Z","updated_at":"2026-02-11T13:01:54.501Z","avatar_url":"https://github.com/dsogroup.png","language":null,"readme":"# DevSecOps-开发和安全和运营\n\n![DevSecOps](https://socialify.git.ci/ASTTeam/DevSecOps/image?description=1\u0026font=Inter\u0026forks=1\u0026issues=1\u0026name=1\u0026owner=1\u0026pattern=Floating%20Cogs\u0026pulls=1\u0026stargazers=1\u0026theme=Light)\n\n本项目用来收集整理学习DevSecOps相关内容，包括DevSecOps的理念产品以及衍生的工具思路等。包括开源安全、供应链安全、云原生安全等细分领域。当安全是所有 DevOps 的工作重心时，这便是DevSecOps。DevSecOps是一种方法，是将开发和安全和运营紧密结合起来的思想。DevSecOps-Software development (Dev) and Security (Sec) and IT operations (Ops).\n\n本项目创建于2022年10月20日，最近的一次更新时间为2023年10月10日。作者：[0e0w](https://github.com/0e0w/DevOps)\n\n- [01-DevSecOps资源]()\n- [02-DevSecOps书籍]()\n- [03-DevSecOps工具]()\n- [04-DevSecOps产品]()\n- [05-DevSecOps职位]()\n- [05-DevSecOps老师]()\n\n## 01-DevSecOps资源\n\n- https://github.com/topics/devsecops\n- https://github.com/search?q=devsecops\n\n一、基础资源\n- [ ] https://github.com/sottlmarek/DevSecOps\n- [ ] https://github.com/DefectDojo/django-DefectDojo\n- [ ] https://github.com/sidd-harth/kubernetes-devops-security\n- [ ] https://github.com/devsecops/awesome-devsecops\n- [ ] https://github.com/krol3/container-security-checklist\n- [ ] https://github.com/devsecops/bootcamp\n- [ ] https://github.com/TaptuIT/awesome-devsecops\n- [ ] https://github.com/hahwul/DevSecOps\n- [ ] https://github.com/lwindolf/lzone-cheat-sheets\n- [ ] https://github.com/magnologan/gha-devsecops\n- [ ] https://github.com/zemmali/DevSecOps-Toolchain\n- [ ] https://github.com/rcarrata/devsecops-demo\n- [ ] https://github.com/OWASP/DevSecOpsGuideline\n- [ ] https://github.com/michalkoczwara/DevSecOps-Studio\n- [ ] https://github.com/devsecops/devsecops\n- [ ] https://github.com/wurstbrot/DevSecOps-MaturityModel\n- [ ] https://github.com/dsohk/rancher-devsecops-workshop\n- [ ] https://github.com/boozallen/devsecops-example-helloworld\n- [ ] https://github.com/stelligent/aws-devsecops-workshop\n- [ ] https://github.com/aws-samples/devsecops-cicd\n- [ ] https://github.com/PGCSEDS-IIITH/devsecops-iris\n- [ ] https://github.com/We5ter/Awesome-DevSecOps-Platforms\n- [ ] https://github.com/ztosec/hunter\n- [ ] https://github.com/pawnu/PythonSecurityPipeline\n- [ ] https://github.com/aws-asean-builders/devsecops\n- [ ] https://github.com/baidu/openrasp\n- [ ] https://github.com/cloudsecurityalliance/wg-DevSecOps\n- [ ] https://github.com/0xsomnus/Solidity-DevSecOps-Standard\n- [ ] https://github.com/OWASP/glue\n- [ ] https://github.com/OWASP/RiskAssessmentFramework\n- [ ] https://github.com/michelin/ChopChop\n- [ ] https://github.com/AErmie/DevSecOps\n- [ ] https://github.com/GSA/DevSecOps\n- [ ] https://github.com/lgmorand/DevSecOpsTable\n- [ ] https://github.com/krol3/devsecops-resources\n- [ ] https://github.com/GSA/security-benchmarks\n- [ ] https://github.com/aws-samples/devsecops-workshop-on-aws\n- [ ] https://github.com/PacktPublishing/Accelerating-DevSecOps-on-AWS\n- [ ] https://github.com/trufflesecurity/trufflehog\n- [ ] https://github.com/SpectralOps/preflight\n- [ ] https://github.com/aquasecurity/tfsec\n- [ ] https://github.com/aquasecurity/trivy\n- [ ] https://github.com/gravitl/netmaker\n- [ ] https://github.com/prowler-cloud/prowler\n- [ ] https://github.com/bridgecrewio/checkov\n- [ ] https://github.com/turbot/steampipe\n- [ ] https://github.com/anteater/anteater\n- [ ] https://github.com/Swordfish-Security/awesome-devsecops-russia\n- [ ] https://mp.weixin.qq.com/s/_jBmFdtyXY5D_YrrTUP1iQ\n\n二、学术论文\n\n- [Google学术搜索](https://scholar.google.com.hk/scholar?hl=zh-CN\u0026as_sdt=0%2C5\u0026q=devsecops\u0026btnG=)\n\n三、论坛社区\n\n- 高效运维社区\n- DevOps时代社区\n\n四、其他资源\n- [ ] https://github.com/murphysecurity/murphysec\n- [ ] https://www.veracode.com/solutions/devsecops\n- [ ] https://github.com/BBVA/apicheck\n- [ ] https://github.com/defenseunicorns/zarf\n- [ ] https://github.com/rcarrata/devsecops-demo\n- [ ] https://github.com/fluidattacks/makes\n- [ ] https://github.com/cider-security-research/cicd-goat\n\n## 02-DevSecOps书籍\n\n一、中文书籍\n- [ ] [《DevSecOps敏捷安全》](https://item.jd.com/13272303.html)@子芽\n- [x] [《DevSecOps实战》](https://item.jd.com/13016425.html)@周纪海等著#50%\n\n二、英文书籍\n- [ ] [《DevSecOps》](https://item.jd.com/10028188284125.html)@Glenn Wilson\n- [ ] [《Learning Devsecops》](https://item.jd.com/10040874594859.html)@Ribeiro\n- [ ] https://github.com/6mile/DevSecOps-Playbook\n\n## 03-DevSecOps工具\n\n本部分主要关注DevSecOps中的Sec类工具，其中包括开源工具商业产品等。不仅是SAST工具！\n\n一、SAST\n- https://github.com/ASTTeam/SAST\n- https://github.com/ASTTeam/Fortify\n- https://github.com/ASTTeam/SonarQube\n- https://github.com/ASTTeam/Checkmarx\n- https://github.com/ASTTeam/CodeQL\n- https://github.com/ASTTeam/Semgrep\n- https://github.com/ASTTeam/BlackDuck\n\n二、DAST\n- https://github.com/ASTTeam/DAST\n\n三、IAST\n- https://github.com/ASTTeam/IAST\n\n四、SCA\n- https://github.com/ASTTeam/SCA\n\n五、Others\n- [ ] https://github.com/infobyte/faraday\n- [ ] https://github.com/tenable/terrascan\n- [ ] https://github.com/bunkerity/bunkerweb\n- [ ] https://github.com/deepfence/ThreatMapper\n- [ ] https://github.com/archerysec/archerysec\n- [ ] https://github.com/Checkmarx/kics\n- [ ] https://github.com/lunasec-io/lunasec\n- [ ] https://github.com/GitGuardian/ggshield\n\n## 04-DevSecOps产品\n\n- 悬境安全：https://www.xmirror.cn\n- 墨菲安全：https://www.murphysec.com\n- 火线安全：https://www.huoxian.cn\n- 探真科技：https://www.tensorsecurity.cn\n- 思客云：http://www.secureyun.cn\n- 龙智：https://www.shdsd.com\n- 开源网安：https://www.seczone.cn\n- 嘉为蓝鲸：https://www.canway.net\n- https://www.microfocus.com/zh-cn/devsecops\n\n## 05-DevSecOps岗位\n\n- [PingCAP-DevSecOps 安全专家](https://careers.pingcap.com/apply/pingcap/39950/#/job/3a7c73a4-cbd3-4381-bd68-8e5291710cf8)\n\n## 06-DevSecOps老师\n\n![Stargazers over time](https://starchart.cc//ASTTeam/DevSecOps.svg)","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdsogroup%2Fdevsecops","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdsogroup%2Fdevsecops","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdsogroup%2Fdevsecops/lists"}