Jeff Williams's repositories
awesome-devsecops
An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
Book_Generation_Z_Developer
Book to hold the content files for the 'Generation Z Developer'
spring-petclinic
Spring PetClinic modified to include vulnerabilities for the purpose of demonstrating the power of IAST and RASP.
Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
DevSecOpsGuideline
The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
GenerativeAIPolicy
Open Source Generative AI Policy
java-buildpack
Cloud Foundry buildpack for running Java applications
owasp-change.github.io
An Open Letter to the OWASP Board
sarif-spec
OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues
www-community
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.