Coder Social home page Coder Social logo

whitespots-ou / devsecops-pipelines Goto Github PK

View Code? Open in Web Editor NEW
50.0 4.0 9.0 8 KB

Application Security pipelines

Home Page: https://whitespots.io/

application-framework application-security devsecops devsecops-best-practices devsecops-pipeline devsecops-tools

devsecops-pipelines's Introduction

Application Security pipelines ๐Ÿš€

๐Ÿ“œ Summary

This open-source framework is designed for application security managers and engineers to increase the speed of integration of security practices into the development lifecycle.

Here you may see the process demonstration:

Process demonstration

(Youtube video)

โš™๏ธ Requirements

Engeneering

Systems:

Management

People: 1 engineer + 1 manager

Time: 2 weeks for technical integration if all systems exist and the network access is granted

Risks:

  • Vulnerabilities will not be fixed without agreement with the business team that reducing the WRT metric is one of its goals
  • You may have so many vulnerabilities in your code base that you would need another security engineer to verify them

1. Setup pipelines

Gitlab group with all repositories

Pipelines repo

Security images repo

Setup

(Youtube video)

2. Triage vulnerabilities in DefectDojo

(Click, it's video)

triage

(Youtube video)

3. Integrate more difficult checks

(Click, it's video)

triage

(Youtube video)

4. Contact us

Email

Website

Telegram

devsecops-pipelines's People

Contributors

whitespots avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

tmacbg alsarmi sajibekanti pianomanx xtiankisutsa brinhosa yogikortisa gilbranfairuz

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.