Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/astteam/devsecops
开发和安全和运营:DevSecOps-Software development (Dev) and Security (Sec) and IT operations (Ops).
https://github.com/astteam/devsecops
0e0w devops devsecops
Last synced: about 2 months ago
JSON representation
开发和安全和运营:DevSecOps-Software development (Dev) and Security (Sec) and IT operations (Ops).
- Host: GitHub
- URL: https://github.com/astteam/devsecops
- Owner: ASTTeam
- Created: 2022-01-06T14:43:03.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2024-04-13T07:28:06.000Z (9 months ago)
- Last Synced: 2024-04-13T21:11:45.306Z (9 months ago)
- Topics: 0e0w, devops, devsecops
- Homepage:
- Size: 19.9 MB
- Stars: 16
- Watchers: 1
- Forks: 4
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# DevSecOps-开发和安全和运营
![DevSecOps](https://socialify.git.ci/ASTTeam/DevSecOps/image?description=1&font=Inter&forks=1&issues=1&name=1&owner=1&pattern=Floating%20Cogs&pulls=1&stargazers=1&theme=Light)
本项目用来收集整理学习DevSecOps相关内容,包括DevSecOps的理念产品以及衍生的工具思路等。包括开源安全、供应链安全、云原生安全等细分领域。当安全是所有 DevOps 的工作重心时,这便是DevSecOps。DevSecOps是一种方法,是将开发和安全和运营紧密结合起来的思想。DevSecOps-Software development (Dev) and Security (Sec) and IT operations (Ops).
本项目创建于2022年10月20日,最近的一次更新时间为2023年10月10日。作者:[0e0w](https://github.com/0e0w/DevOps)
- [01-DevSecOps资源]()
- [02-DevSecOps书籍]()
- [03-DevSecOps工具]()
- [04-DevSecOps产品]()
- [05-DevSecOps职位]()
- [05-DevSecOps老师]()## 01-DevSecOps资源
- https://github.com/topics/devsecops
- https://github.com/search?q=devsecops一、基础资源
- [ ] https://github.com/sottlmarek/DevSecOps
- [ ] https://github.com/DefectDojo/django-DefectDojo
- [ ] https://github.com/sidd-harth/kubernetes-devops-security
- [ ] https://github.com/devsecops/awesome-devsecops
- [ ] https://github.com/krol3/container-security-checklist
- [ ] https://github.com/devsecops/bootcamp
- [ ] https://github.com/TaptuIT/awesome-devsecops
- [ ] https://github.com/hahwul/DevSecOps
- [ ] https://github.com/lwindolf/lzone-cheat-sheets
- [ ] https://github.com/magnologan/gha-devsecops
- [ ] https://github.com/zemmali/DevSecOps-Toolchain
- [ ] https://github.com/rcarrata/devsecops-demo
- [ ] https://github.com/OWASP/DevSecOpsGuideline
- [ ] https://github.com/michalkoczwara/DevSecOps-Studio
- [ ] https://github.com/devsecops/devsecops
- [ ] https://github.com/wurstbrot/DevSecOps-MaturityModel
- [ ] https://github.com/dsohk/rancher-devsecops-workshop
- [ ] https://github.com/boozallen/devsecops-example-helloworld
- [ ] https://github.com/stelligent/aws-devsecops-workshop
- [ ] https://github.com/aws-samples/devsecops-cicd
- [ ] https://github.com/PGCSEDS-IIITH/devsecops-iris
- [ ] https://github.com/We5ter/Awesome-DevSecOps-Platforms
- [ ] https://github.com/ztosec/hunter
- [ ] https://github.com/pawnu/PythonSecurityPipeline
- [ ] https://github.com/aws-asean-builders/devsecops
- [ ] https://github.com/baidu/openrasp
- [ ] https://github.com/cloudsecurityalliance/wg-DevSecOps
- [ ] https://github.com/0xsomnus/Solidity-DevSecOps-Standard
- [ ] https://github.com/OWASP/glue
- [ ] https://github.com/OWASP/RiskAssessmentFramework
- [ ] https://github.com/michelin/ChopChop
- [ ] https://github.com/AErmie/DevSecOps
- [ ] https://github.com/GSA/DevSecOps
- [ ] https://github.com/lgmorand/DevSecOpsTable
- [ ] https://github.com/krol3/devsecops-resources
- [ ] https://github.com/GSA/security-benchmarks
- [ ] https://github.com/aws-samples/devsecops-workshop-on-aws
- [ ] https://github.com/PacktPublishing/Accelerating-DevSecOps-on-AWS
- [ ] https://github.com/trufflesecurity/trufflehog
- [ ] https://github.com/SpectralOps/preflight
- [ ] https://github.com/aquasecurity/tfsec
- [ ] https://github.com/aquasecurity/trivy
- [ ] https://github.com/gravitl/netmaker
- [ ] https://github.com/prowler-cloud/prowler
- [ ] https://github.com/bridgecrewio/checkov
- [ ] https://github.com/turbot/steampipe
- [ ] https://github.com/anteater/anteater
- [ ] https://github.com/Swordfish-Security/awesome-devsecops-russia
- [ ] https://mp.weixin.qq.com/s/_jBmFdtyXY5D_YrrTUP1iQ二、学术论文
- [Google学术搜索](https://scholar.google.com.hk/scholar?hl=zh-CN&as_sdt=0%2C5&q=devsecops&btnG=)
三、论坛社区
- 高效运维社区
- DevOps时代社区四、其他资源
- [ ] https://github.com/murphysecurity/murphysec
- [ ] https://www.veracode.com/solutions/devsecops
- [ ] https://github.com/BBVA/apicheck
- [ ] https://github.com/defenseunicorns/zarf
- [ ] https://github.com/rcarrata/devsecops-demo
- [ ] https://github.com/fluidattacks/makes
- [ ] https://github.com/cider-security-research/cicd-goat## 02-DevSecOps书籍
一、中文书籍
- [ ] [《DevSecOps敏捷安全》](https://item.jd.com/13272303.html)@子芽
- [x] [《DevSecOps实战》](https://item.jd.com/13016425.html)@周纪海等著#50%二、英文书籍
- [ ] [《DevSecOps》](https://item.jd.com/10028188284125.html)@Glenn Wilson
- [ ] [《Learning Devsecops》](https://item.jd.com/10040874594859.html)@Ribeiro
- [ ] https://github.com/6mile/DevSecOps-Playbook## 03-DevSecOps工具
本部分主要关注DevSecOps中的Sec类工具,其中包括开源工具商业产品等。不仅是SAST工具!
一、SAST
- https://github.com/ASTTeam/SAST
- https://github.com/ASTTeam/Fortify
- https://github.com/ASTTeam/SonarQube
- https://github.com/ASTTeam/Checkmarx
- https://github.com/ASTTeam/CodeQL
- https://github.com/ASTTeam/Semgrep
- https://github.com/ASTTeam/BlackDuck二、DAST
- https://github.com/ASTTeam/DAST三、IAST
- https://github.com/ASTTeam/IAST四、SCA
- https://github.com/ASTTeam/SCA五、Others
- [ ] https://github.com/infobyte/faraday
- [ ] https://github.com/tenable/terrascan
- [ ] https://github.com/bunkerity/bunkerweb
- [ ] https://github.com/deepfence/ThreatMapper
- [ ] https://github.com/archerysec/archerysec
- [ ] https://github.com/Checkmarx/kics
- [ ] https://github.com/lunasec-io/lunasec
- [ ] https://github.com/GitGuardian/ggshield## 04-DevSecOps产品
- 悬境安全:https://www.xmirror.cn
- 墨菲安全:https://www.murphysec.com
- 火线安全:https://www.huoxian.cn
- 探真科技:https://www.tensorsecurity.cn
- 思客云:http://www.secureyun.cn
- 龙智:https://www.shdsd.com
- 开源网安:https://www.seczone.cn
- 嘉为蓝鲸:https://www.canway.net
- https://www.microfocus.com/zh-cn/devsecops## 05-DevSecOps岗位
- [PingCAP-DevSecOps 安全专家](https://careers.pingcap.com/apply/pingcap/39950/#/job/3a7c73a4-cbd3-4381-bd68-8e5291710cf8)
## 06-DevSecOps老师
![Stargazers over time](https://starchart.cc//ASTTeam/DevSecOps.svg)