General

Repositories

  • awesome-devsecops: Curating the best DevSecOps resources and tooling ๐ŸŒŸ (Recommended)
  • dynamic-analysis: A curated list of dynamic analysis tools and linters
  • static-analysis: A curated list of static analysis (SAST) tools and linters

Technique

Technology

Tools

SAST

  • Sonarqube: An on-premise analysis tool designed to detect coding issues
    • Sonar Rule: The collections of rule integrate into Sonarqube Server