High-performance open-source security scanner combining SAST, SCA, Secret Detection, and IaC analysis, built for developers and CI/CD pipelines, using AI for recommendation!
-
Updated
Jul 7, 2026 - Go
High-performance open-source security scanner combining SAST, SCA, Secret Detection, and IaC analysis, built for developers and CI/CD pipelines, using AI for recommendation!
Curated catalog of generally useful kpt functions
Static analysis from configs → Kubernetes NetworkPolicies in seconds
TrendAI Vision One Container Security Scan Action
Managing GitHub Advanced Security (GHAS) Controls at Scale
A complete DevSecOps CI/CD automation pipeline for a Node.js application using GitHub Actions, Docker, Trivy security scanning, and Kubernetes (Minikube), implementing shift-left security and cloud-native deployment practices.
Advanced Conftest GitHub Action for Terraform, Kubernetes, Helm & Dockerfile policy scanning with SARIF, GitHub Security, Slack, Teams and Google Chat notifications.
Pipeline DevSecOps experimental para TCC, medindo o impacto de SAST, SCA e DAST no lead time de CI/CD com FastAPI, Docker, Kubernetes, GitHub Actions e SonarQube.
Enterprise-style DevSecOps CI/CD pipeline demo using GitHub Actions, Semgrep, CodeQL, TruffleHog, pip-audit, and pre-commit.
Enterprise DevSecOps pipeline: GitHub Actions, Terraform, container security scanning, SAST/DAST, policy-as-code, and automated compliance validation
Pre-cloud web application security assessment including vulnerability analysis, remediation, and cloud security controls.
Workflow Templates for SAST with semgrep, SCA with Trivy, Malware Detection with Depx and Supply Chain attack Mitigation with Custom Age Checks
Catch IaC security misconfigurations before production. 100+ rules across Terraform, CloudFormation & Ansible. 9 compliance frameworks.
Servidor LSP para análise estática e conformidade contínua com a LGPD em pipelines DevSecOps (Compliance as Code).
End-to-end DevSecOps CI/CD pipeline integrating SAST, SCA, Secrets Scanning, Container Security, and DAST with automated security gates and deployment blocking using GitHub Actions.
Git hooks for improving developer experience and security
deliver SAST results to gitlab merge request discussions https://github.com/jonny64/sarif2gl/wiki https://npmjs.com/package/sarif2gl
A production-style DevSecOps CI/CD pipeline demonstrating shift-left security with open-source tools. It performs SAST, secrets detection, dependency and container scanning, SBOM generation, and image signing before deploying to Kubernetes. The pipeline can run locally or via GitHub Actions and generates security reports for validation.
CI/CD compliance gate for Australian ISM and Essential Eight — checks K8s, Docker, and IaC via OPA/Rego policies
Beyond Shift Left: Runtime Security with Falco on AWS EKS
Add a description, image, and links to the shift-left-security topic page so that developers can more easily learn about it.
To associate your repository with the shift-left-security topic, visit your repo's landing page and select "manage topics."