Welcome to the "Secure Pipeline" workshop! This hands-on workshop teaches you how to build a comprehensive security-focused CI/CD pipeline with multiple layers of security scanning and best practices.
JenkinsBreaker: Offensive CI/CD security research framework focused on Jenkins exploitation, CVE chaining, and pipeline compromise scenarios.
A Dagger module for automated container security auditing. Integrates with Trivy, Grype, and Snyk to perform vulnerability scans, enforce best practices, and generate compliance reports for CI/CD pipelines.
Materials from The Data Engineering Academy
Demonstrates insecure vs hardened CI/CD pipelines with secrets handling, least-privilege access, and security validation for DevSecOps.
CI/CD Pipeline Security Audit Lab - Hands-on exercise for Software and Data Integrity Failures (OWASP A08:2021). Part of Dibimbing.id cybersecurity bootcamp.
Repository untuk tugas DevSecOps Week5 — SAST & DAST
DevSecOps CI/CD pipeline scanner — Jenkins, GitHub Actions, GitLab, Azure Pipelines
Secure CI/CD pipeline demonstrating artifact supply chain security using GitHub Actions, JFrog Artifactory, and Xray.
Add a description, image, and links to the pipeline-security topic page so that developers can more easily learn about it.
To associate your repository with the pipeline-security topic, visit your repo's landing page and select "manage topics."