DevSecOps & Pipeline Security
Tools for integrating security into the development pipeline and DevOps processes.

JFrog Xray
A software composition analysis (SCA) solution that identifies vulnerabilities in open-source components and license compliance violations.

PagerDuty Full Service Ownership Documentation
guide to help teams transition to a full-service ownership model.

Checkmarx SAST
A static application security testing tool that identifies and mitigates security vulnerabilities early in the software development life cycle.

TerraGoat
TerraGoat is a Terraform repository designed to demonstrate common configuration errors in cloud environments.

Hammer
Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)

PagerDuty DevSecOps Documentation
A guide for integrating security into the development and operations lifecycle, emphasizing the importance of early security checks and cross-team collaboration.

Pulumi
Pulumi is an Infrastructure as Code (IaC) platform that allows developers to manage cloud resources using familiar programming languages.

SecHub
A unified integration mechanism for managing multiple security tools and scanners through a simple API/client interface.

CloudWorks
CloudWorks is a cloud security tool developed by the Air Force Research Laboratory that focuses on securing software development and deployment.

SonarQube
A robust static code analysis tool for maintaining high code quality and security in software projects.

Anchore DevSecOps
A solution for integrating security measures throughout the software development lifecycle, focusing on vulnerability scanning, secrets detection, and malware identification.