Devops

A SaaS-based web application firewall that combines signature and behavioral-based threat detection to protect applications deployed across cloud, on-premises and edge environments.

Aqua Security is a CNAPP that provides comprehensive security for cloud native applications across their entire lifecycle, from development to production, in various cloud and container environments.

A visual guide that maps attack vectors and exploitation techniques for identifying vulnerabilities in GitHub Actions configurations and CI/CD pipelines.

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Anchore Enterprise is a platform that protects and secures software supply chains end-to-end.

A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.

An educational repository providing structured lab materials and scripts for learning container technologies and their internal mechanisms.

AWS Vault securely stores AWS IAM credentials in the operating system's keystore and generates temporary credentials for development environments.

A Golang-based container security scanner that identifies potential vulnerabilities and misconfigurations in container environments by checking namespacing, capabilities, security profiles, and host device mounts.

App-Ray offers comprehensive security analysis and compliance solutions for mobile applications.

A reference guide providing Docker commands and concepts for containerized application development and deployment.

StackStorm is an open-source automation platform that connects and automates DevOps workflows and integrates with existing infrastructure.

Clinv is a command line DevSecOps asset inventory tool for tracking and managing digital assets across organizational infrastructure.

Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.

minikube is a local Kubernetes cluster management tool that enables developers to run and test Kubernetes applications on their local machines across multiple operating systems.

A framework for analyzing container images, running scripts inside containers, and gathering information for static analysis and policy enforcement.

GAUNTLT - Security and Rugged Testing tool

Chamber is a command-line tool for managing secrets by storing them in AWS SSM Parameter Store with path-based API support for improved performance.

Buildah is a command-line tool for building and managing container images in OCI and Docker formats without requiring a running daemon.

Docker's Actuary is an automated security assessment tool that checks Docker container deployments against configurable best-practice checklists to ensure production readiness.

A blog post discussing the differences between Solaris Zones, BSD Jails, VMs, and containers, with the author arguing that containers are not a real thing.

Atomic Reactor is a Python library and CLI tool for building Docker images with advanced features including Git integration, registry operations, and build system integration.