Cyber security

Awesome DevSecOps – A Comprehensive Guide To Resources And Tooling

DevSecOps is an extension of the DevOps movement that aims to bring security practices into the development lifecycle through developer-centric security tooling and processes.

Contributions welcome. Add links through pull requests or create an issue to start a discussion.

Contents

  • Resources
    • Articles
    • Books
    • Communities
    • Conferences
    • Newsletters
    • Podcasts
    • Secure Development Guidelines
    • Secure Development Lifecycle Framework
    • Toolchains
    • Training
    • Wikis
  • Tools
    • Dependency Management
    • Dynamic Analysis
    • Infrastructure as Code Analysis
    • Intentionally Vulnerable Applications
    • Monitoring
    • Secrets Management
    • Secrets Scanning
    • Static Analysis
    • Supply Chain Security
    • Threat Modelling
  • Related Lists

Resources

Articles

Books

  • Alice and Bob Learn Application SecurityTanya Janca – An accessible and thorough resource for anyone seeking to incorporate, from the beginning of the System Development Life Cycle, best security practices in software development.

Communities

  • MyDevSecOpsSnyk – A community that runs conferences, a blog, a podcast and a Slack workspace dedicated to DevSecOps.

Conferences

  • AppSec DayOWASP – An Australian application security conference run by OWASP.
  • DevSecConSnyk – A network of DevSecOps conferences run by Snyk.

Newsletters

  • Shift Security LeftCossack Labs – A free biweekly newsletter for security-aware developers covering application security, secure architecture, DevSecOps, cryptography, incidents, etc. that can be useful for builders and (to a lesser extent) for breakers.

Podcasts

  • Absolute AppSecSeth Law & Ken Johnson – Discussions about current events and specific topics related to application security.
  • Application Security PodcastSecurity Journey – Interviews with industry experts about specific application security concepts.
  • BeerSecOpsAqua Security – Breaking down the silos of Dev, Sec and Ops, discussing topics that span these subject areas.
  • DevSecOps Podcast SeriesOWASP – Discussions with thought leaders and practitioners to integrate security into the development lifecycle.
  • The Secure DeveloperSnyk – Discussion about security tools and best practices for software developers.

For more information click here.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: Awesome DevSecOpscybersecurityinformationsecuritykalilinuxkalilinuxtools
1 year ago

Recent Posts

Comments in Bash Scripts

What Are Bash Comments? In Bash scripting, comments are notes in your code that the…

15 hours ago

Shebang (#!) in Bash Script

When you write a Bash script in Linux, you want it to run correctly every…

1 day ago

Bash String Concatenation – Bash Scripting

Introduction If you’re new to Bash scripting, one of the first skills you’ll need is…

2 days ago

Learn Bash Scripting: How to Create and Run Shell Scripts for Beginners

What is Bash Scripting? Bash scripting allows you to save multiple Linux commands in a file and…

2 days ago

Bash if…else Statement – Bash Scripting

When it comes to automating tasks on Linux, Bash scripting is an essential skill for both beginners…

2 days ago

Bash Functions Explained: Syntax, Examples, and Best Practices

Learn how to create and use Bash functions with this complete tutorial. Includes syntax, arguments,…

5 days ago