secure-development

There are 1 repository under secure-development topic.

• OWASP / pytm

  A Pythonic framework for threat modeling

  data-flow-diagramsequence-diagramdfdpythonic-frameworkthreatsthreat-modelingthreat-modeling-from-codesecure-developmentdiagramdataflow
  Language:Python 1058

• wh0isdxk / DesenvolvimentoSeguro

  Principios e Boas Práticas sobre Desenvolvimento Seguro

  securitysecurity-by-designdevelopmentdesenvolvimento-segurosegurancasecure-developmentseguranca-da-informacaohacktoberfesthacktoberfest2022hacktoberfest2024
  704

• nowsecure / secure-mobile-development

  A Collection of Secure Mobile Development Best Practices

  secure-developmentmobile-securityiosandroidbest-practicesgitbooknowsecureapple
  Language:CSS 566

• Autodesk / continuous-threat-modeling

  A Continuous Threat Modeling methodology

  application-securitysecure-developmentthreat-modeling
  327

• yevh / TaaC-AI

  AI-driven Threat modeling-as-a-Code (TaaC-AI)

  application-securitydevsecopsgptgpt-3gpt-4secure-developmenttaacthreatthreat-modelingthreat-modeling-from-codethreat-modeling-toolthreat-modelsaillm-securityclaude-3mistral-7b
  Language:HTML 151

• nxenon / DevSecOps

  ♾️ Collection of DevSecOps Notes + Resources + Courses + Tools

  devsecopsdevsecops-best-practicessdlcsecure-developmentdevsecops-notesdevsecops-resourcesiastsastsbomsecret-managementsecure-codingsoftware-bill-of-materialsoftware-composition-analysisthreat-modelthreat-modelingstatic-analysis-security-testingdefectdojodependency-track
  Language:Python 69

• rusakovichma / TicTaaC

  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for chart plotting are used

  threat-modelingthreat-modeling-toolapplication-securitythreat-modelsthreat-modeling-from-codethreat-modelthreatsecure-developmentappsecdevsecops
  Language:Java 67

• Hack23 / ISMS-PUBLIC

  Hack23 Public Information Security Management System:Security Through Transparency and Open Documentation Demonstrating Security Excellence Through Public ISMS Disclosure

  information-securityismsmanagement-systemtransparencycybersecuritycompliancerisk-managementsecurity-policyvulnerability-managementbusinesscontinuitygovernanceiso27001cis-controlsnistcsfsuppliersinformation-security-policiesdevsecopssecure-developmentsecurity-architectureenterprise-security-architecture
  14

• broadinstitute / dsp-appsec-infrastructure-apps

  This repository hosts DSP AppSec internal infrastructure apps deployed in GKE.

  secure-developmentsecuritysecurity-toolscis-scannerzap-scannerapplication-securityappsecappsec-toolsappsecuritysecurity-automationsecurity-scansecurity-scannerdevsecops
  Language:Python 7

• Hack23 / talks

  How to secure your development pipeline with static application security test (SAST) / Dynamic application security test (DAST), software composition analysis (SCA) using Sonarqube.

  sonarqubedevsecopsscasastdastmavencode-securitysecure-developmentapplication-securitysoftware-composition-analysisdependency-scanningvulnerability-managementopen-source-securitystatic-analysisdynamic-analysis
  7

• ThalesGroup / besec

  Self-service SDLC and maturity measurement

  maturity-modelsdlcsecure-development
  Language:TypeScript 7

• CyberismoCom / cyberismo

  A security-as-code tool for making a difference in cybersecurity

  secure-developmentsecurity-as-codesecurity-tools
  Language:TypeScript 6

• dschulmeist / secure-design-patterns

  implementation of some secure design patterns with explanation

  architecturedesign-patternssecuresecure-developmentsecure-design-pattern
  Language:Java 4

• yandex-cloud-examples / yc-webinar-security-pipeline-2023

  Материалы к вебинару «Как выстроить процесс безопасной разработки в Yandex Cloud».

  cosignkmsscanning-imagessecure-developmentslsayandex-cloudyandexcloud
  4

• moogiio / SecureCodePuzzles

  Just like chess puzzles, but with code

  puzzlesecure-developmentcode-puzzle
  Language:C# 2

• CyberismoCom / module-secure-development-essentials

  Essentials for secure development, including threat modeling

  secure-developmentthreat-modelingarchitecture-diagramssoftware-architecture
  Language:Answer Set Programming 1

• DevOpsThinh / SoftwareEngineeringRevised

  The Art of Software Engineering - The Road to better Software Development

  data-oriented-designdeclarative-programmingdevelopment-experiencedomain-driven-designfunctional-programmingsecure-developmentserverlesssoftware-engineeringweb-architecturesdlcsoftware-architecture
  1

• gabrielldn / SecureFlow-CI-CD

  SecureFlow-CI-CD demonstrates a CI/CD pipeline using GitHub Actions to perform security checks and analyses on a Python project.

  banditci-cdcicdcodeqldependency-scanningdevsecopsflake8github-actionspipelinepytestpythonsecure-developmentsecuritystreamlit
  Language:Python 1

• jgadsden / www-project-threat-dragon

  OWASP Foundation project Threat Dragon

  owaspsecure-developmentthreat-modeling
  Language:HTML 1

• scottnorton-io / pci-dss-v4-article-series

  Complete PCI DSS v4.0 Compliance Article Series — Requirements 1–12, Appendices A1/A2 and A3, Governance Assets, and Compliance Lifecycle Guidance.

  compliancecontinuous-compliancecybersecuritydocumentationgovernanceinformation-securitypci-dssrisk-managementsecure-developmentsecurity-awarenessstandards
  Language:Python 1

• tatilimongi / Secure-UserForm

  A secure user authentication system with JWT, implementing best practices for secure development, including RBAC, PBAC, session expiration, password encryption with BCrypt, simple audit logging, and Docker containerization as part of a Secure Development course project.

  csrfjavajwtpassword-encryptionrestful-apisecure-developmentsecure-password-storagesecurityspring-bootuser-authenticationaudit-loggingbcryptdockerpbacrbacsession-managementdependabotvulnerability-scannercode-qualitysonarqube
  Language:Java 1

• TheLaw1234 / flower-cafe-and-shop

  A blog where only members are allowed to view the content. Please view the README file for more information.

  phpbootstrapjavascriptbcrypthashinghtmlphpmailerblowfishsecure-developmentcssherokusql
  Language:PHP 0

• epicchainlabs / libcrypton-crypto-utils

  Libibrary Crypto Utils is a powerful and versatile repository within the libcrypton ecosystem, designed to provide essential cryptographic utility functions and helper tools for the EpicChain blockchain ecosystem.

  crypto-utilitiescryptographic-toolsdeveloper-resourcesepicchain-ecosystemepicchain-toolslibcryptonsecure-developmentblockchain-encryptionlibrary-crypto-utils
  Language:C++

• Joelone / pytm

  A Pythonic framework for threat modeling

  data-flow-diagramsequence-diagrampythonic-frameworkthreat-modelingthreat-modeling-from-codesecure-developmentdfdthreat
  Language:HTML

• johanlindfors / demos

  secure-development
  Language:Jupyter Notebook

• johanlindfors / samm

  secure-developmentowaspsdlcsecdevops
  Language:JavaScript

• johanlindfors / SecureCodingPatternsDemos

  secure-development
  Language:C#

• johanlindfors / threat-model-templates

  Templates for the Microsoft Threat Modeling Tool

  secure-developmentthreatmodeling

• Rafa-x64 / proyecto

  Este repositorio contiene una base modular para aplicaciones web en PHP, organizada bajo el patrón Modelo-Vista-Controlador (MVC). Está diseñada para desarrolladores que buscan una arquitectura clara, escalable y segura, con separación estricta entre lógica, presentación y flujo de ejecución.

  ajaxapachebootstrap5composerdeveloper-guidedocumentationdynamic-viewsgit-workflowjavascriptmodular-architecturemvcopensslpassword-hashingpdophpphp-mvcprepared-statementssecure-developmenttemplate-engineweb-template
  Language:PHP