devsecops

DevSecOps demo environment to demonstrate the use case for several security related checks. In the past, it was quite cumbersome to perform these in CI/CD (e.g. Azure DevOps). Using GitHub (actions) and all the available security tools, secure development is a lot easier than it used to be.

Uses the following:

Perform a pen test using OWASP (Github action)
Code testing (Security feature: CodeQL)
DependencyScan (using Dependabot)

Wishlist:

IaC validations https://github.com/Azure/arm-deploy

Github security: https://github.com/security

CodeQL (define queries against your code) https://codeql.github.com/

Migrate Azure DevOps to GitHub: https://solidify.dev/blog/migrating-from-azure-repos-to-github https://docs.github.com/en/actions/migrating-to-github-actions/migrating-from-azure-pipelines-to-github-actions

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
.github/workflows		.github/workflows
demos		demos
README.md		README.md
SECURITY.md		SECURITY.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

devsecops

About

Releases

Packages

snefs/devsecops

Folders and files

Latest commit

History

Repository files navigation

devsecops

About

Resources

Security policy

Stars

Watchers

Forks

Releases

Packages 0

Packages