xeusnguyen.xyz

Search

Recent Notes

The awesome of Kubernetes Walkthroughs
May 11, 2025
Kubewekend Session Extra 2: Rebuild Cluster with RKE2 or K3S
May 11, 2025

See 149 more →

❯

Tech Second Brain

❯

❯

The awesome of DevSecOps

The awesome of DevSecOps

Apr 06, 2025, 1 min read

#devsecops
#collections
#awesome
#usage

General

Repositories

dynamic-analysis: A curated list of dynamic analysis tools and linters
static-analysis: A curated list of static analysis (SAST) tools and linters

Technique Articles

Deepfactor - Security Scanning Tools Defined: SAST, IaC, SCA, DAST, IAST/RASP, Container Runtime Security and Runtime SCA
Outpost24 - What is best for application security testing: SAST, DAST, or SCA
Microsoft - Zero Trust DevSecOps

Technology Articles

OWASP - DevSecOps Guideline
Medium - Building end-to-end DevSecOps for AWS Migration: Security at Entry Level with open source SCA, SAST and DAST tools
Medium - Establishing an Enterprise-Ready DevSecOps CI/CD Pipeline on GitHub Actions on Google Cloud

Tools

SAST

Sonarqube: An on-premise analysis tool designed to detect coding issues
- Sonar Rule: The collections of rule integrate into Sonarqube Server

Graph View

General
Repositories
Technique Articles
Technology Articles
Tools
SAST

Backlinks

No backlinks found

Created with Quartz v4.2.2 © 2025

GitHub
Spiderum
HackMD
Viblo
Medium
Youtube
Twitter
Linkedin