Faraday's Command Line Interface
Fortify Jenkins plugin
coreSigma is a macOS ESF & UL telemetry pipeline, detection, and threat hunting app for security analysis, using Sigma and Sigma backend for rule creation and translation.
AegisFlow is a threat-aware CI/CD pipeline that integrates real-time threat intelligence (AlienVault OTX), MITRE ATT&CK-based static analysis, and SBOM-driven CVE detection to automate secure software delivery.
This project provides examples, scripts, and best practices for integrating Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) into modern CI/CD pipelines. The goal is to catch vulnerabilities early, automate remediation feedback, and ensure secure delivery without slowing down development.
Repository untuk tugas DevSecOps Week6 — Software Composition Analysis (SCA)
Python security gate with intelligent ML scoring that reduces false positives by 95%. Orchestrates Bandit, pip-audit, and Semgrep into a unified CI/CD pipeline. Includes baseline management, policy enforcement, and explainable predictions. Production-ready with comprehensive tests.
Production AppSec CI/CD pipeline — SAST, SCA, secrets, DAST, IaC
Orchestrate idea-to-delivery flows with multi-agent CLI planning, reviews, and task execution in one workspace
GitHub Actions pipeline that detects, gates, and audits AI-generated code — policy checks, security scans (Gitleaks + Semgrep), sandboxed tests, and risk-scored reviews
Add a description, image, and links to the security-pipeline topic page so that developers can more easily learn about it.
To associate your repository with the security-pipeline topic, visit your repo's landing page and select "manage topics."