7 Go Devsecops Libraries

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

📖 Documentation Chain-bench is an open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software

Prevent CI/CD Bad Practices

Protecting Your Production Pipelines! What is Allero? Allero is a CLI policy enforcement tool that prevents bad practices in any CI/CD pipeline. CI/CD

A simple tool to audit your AWS infrastructure for misconfiguration or potential security issues.

YATAS Yet Another Testing & Auditing Solution The goal of YATAS is to help you create a secure AWS environment without too much hassle. It won't check

A simple webhook API to run system commands or scripts. Great for triggering deployments or other Linux operational tasks.

pal A simple webhook API to run system commands or scripts. Great for triggering deployments or other Linux operational tasks. Features Auth header re

🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍

YaraHunter Deepfence YaraHunter scans container images, running Docker containers, and filesystems to find indicators of malware. It uses a YARA rules

🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍

YaRadare Deepfence YaRadare ("Yara-rā,där") scans container images, running Docker containers, and filesystems to find indicators of malware. It uses

Quickly set up a ready to use development environment integrated with a multi-account CI/CD pipeline following security and DevOps best practices

DevSecOps Quick Start This artefact helps development teams to quickly set up a ready to use environment integrated with a multi-account CI/CD pipelin